Top

Mobile Networks and Applications

Published in:

28-04-2022

A Deep Learning Approach to Detection and Mitigation of Distributed Denial of Service Attacks in High Availability Intelligent Transport Systems

Authors: Nitish Mahajan, Amita Chauhan, Harish Kumar, Sakshi Kaushal, Arun Kumar Sangaiah

Published in: Mobile Networks and Applications | Issue 4/2022

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

In the era of Internet of Things (IoT) powered by 5G technologies, Automobile Industry is headed towards a revolution. In Intelligent Transport Systems (ITS), vehicles act as connected entities, and exchange data with each other and with the back-end servers on the mobile network. These communications are often session based and require a light weight protocol for session establishment and continuity. Session Initiation Protocol (SIP) can act as the base for this kind of communication. However, its simplicity also makes the protocol vulnerable to various web attacks such as identity theft and Distributed Denial of Service (DDoS). As 5G technologies will enable high data rates to the users, this will also exponentially increase the threat of high-speed DDoS on the servers originating from different sources. Thus, appropriate solutions need to be developed for securing SIP systems from these threats. Machine Learning (ML) has transpired as a building block in cyber security solutions, and a large number of techniques are available to make quick and robust network defense systems by automating the identification of attack flows in the network. In this paper, a Deep Learning-based model is proposed for the identification and alleviation of DDoS attacks in SIP based networks. The work presented here uses a system that is scalable and highly available with load balancing and failover addressing capabilities. The datasets used for conducting experiments are created by emulating SIP sessions, generating DDoS attacks, capturing the normal and attack flows, and extracting time window-based features from the packets. A stacked autoencoder model is trained on the curated datasets to detect various types of DDoS attacks. Once an attack is detected, the Mitigation Policy Recommender module recommends various actions for threat mitigation. Performance of the system is assessed in terms of Accuracy, Precision, Recall and F1-Score. The proposed model obtains a significant improvement in the performance than the previously existing state-of-the-art techniques in terms of accuracy and detection rate.

previous article Editorial: Intelligent Collaboration Under Internet of Things and Mobile Edge Computing

next article An Optimized Collaborative Scheduling Algorithm for Prioritized Tasks with Shared Resources in Mobile-Edge and Cloud Computing Systems

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

ATZelektronik

Die Fachzeitschrift ATZelektronik bietet für Entwickler und Entscheider in der Automobil- und Zulieferindustrie qualitativ hochwertige und fundierte Informationen aus dem gesamten Spektrum der Pkw- und Nutzfahrzeug-Elektronik.

Lassen Sie sich jetzt unverbindlich 2 kostenlose Ausgabe zusenden.

inform now

ATZelectronics worldwide

ATZlectronics worldwide is up-to-speed on new trends and developments in automotive electronics on a scientific level with a high depth of information.

Order your 30-days-trial for free and without any commitment.

inform now

Ddos protection kaspersky (2019) https://www.keycdn.com/blog/ddos-protection

Cox business ddos statistics (2019) https://www.coxblue.com/12-ddos-statistics-that-should-concern-business-leaders (Accessed: 2019)

Ddos attack on a us service provider (2019) https://www.theregister.co.uk/2018/03/05/worlds_biggest_ddos_attack_record_broken_after_just_ve_days/ (Accessed: 2019)

Longest ddos attack in 2016 (2019) https://securelist.com/kaspersky-ddos-intelligence-report-for-q1-2016/74550/ (Accessed: 2019)

Longest ddos attack in 2018 (2019) https://securelist.com/ddos-report-in-q2-2018/86537/ (Accessed: 2019)

Opensips (2019) https://www.opensips.org (Accessed: 2019)

Startrinity sip tester (2019) http://startrinity.com/VoIP/SipTester/SipTester.aspx (Accessed: 2019)

Wireshark (2019) https://www.wireshark.org/ (Accessed: 2019)

Aggarwal S, Mahajan N, Kaushal S, Kumar H (2019) Load balancing and clustering scheme for real-time voip applications. In: Advances in computer communication and computational sciences, pp 451–461. Springer

10.

Akbar A, Basha SM, Sattar SA, Raziuddin S (2016) An intelligent sip message parser for detecting and mitigating ddos attacks. Int J Innov Eng Technol 7(2):1–7

11.

Akbar MA, Farooq M (2014) Securing sip-based voip infrastructure against flooding attacks and spam over ip telephony. Knowl Inf Syst 38(2):491–510CrossRef

12.

Alam MM, Arafat MY, Ahmed F (2015) Study on auto detecting defence mechanisms against application layer ddos attacks in sip server. J Netw 10(6):344

13.

Asad M, Asim M, Javed T, Beg MO, Mujtaba H, Abbas S (2019) Deepdetect: Detection of distributed denial of service attacks using deep learning. Comput J

14.

Blander E, Peles A (2015) Geographic resiliency and load balancing for sip application services. US Patent 9,143,558

15.

Cvitić I, Peraković D, Periša M, Botica M (2019) Novel approach for detection of iot generated ddos traffic. Wireless Netw 1–14

16.

Dassouki K, Safa H, Nassar M, Hijazi A (2017) Protecting from cloud-based sip flooding attacks by leveraging temporal and structural fingerprints. Comput Secur 70:618–633CrossRef

17.

Dayanandam G, Reddy ES, Babu DB (2017) Regression algorithms for efficient detection and prediction of ddos attacks. In: 2017 3Rd International conference on applied and theoretical computing and communication technology (iCATcct), pp 215–219. IEEE

18.

Ehlert S, Wang C, Magedanz T, Sisalem D (2008) Specification-based denial-of-service detection for sip voice-over-ip networks. In: 2008 The third international conference on internet monitoring and protection, pp 59–66. IEEE

19.

Ferrag MA, Maglaras L, Janicke H, Smith R (2019) Deep learning techniques for cyber security intrusion detection: a detailed analysis. In: 6Th International symposium for ICS & SCADA cyber security research 2019 6, pp 126–136

20.

Francis PL, Collins DA, Dubois GR, Bunch JL, Pokala NR (2014) Load balancing for sip services. US Patent 8,775,628

21.

Gao H, Qin X, Barroso RJD, Hussain W, Xu Y, Yin Y (2020) Collaborative learning-based industrial iot api recommendation for software-defined devices: The implicit knowledge discovery perspective. IEEE Trans Emerging Topics Comput Intell

22.

Golait D, Hubballi N (2016) Voipfd: Voice over ip flooding detection. In: 2016 Twenty second national conference on communication (NCC), pp 1–6. IEEE

23.

Golait D, Hubballi N (2017) Detecting anomalous behavior in voip systems: a discrete event system modeling. IEEE Trans Inf Forensics Secur 12(3):730–745CrossRef

24.

Gutierrez SA, Branch JW (2013) Application of machine learning techniques to distributed denial of service (ddos ) attack detection : A systematic literature review

25.

Huang Y, Xu H, Gao H, Ma X, Hussain W (2021) Ssur: an approach to optimizing virtual machine allocation strategy based on user requirements for cloud data center. IEEE Trans Green Commun Netw 5(2):670–681CrossRef

26.

Jiang H, Iyengar A, Nahum E, Segmuller W, Tantawi AN, Wright CP (2012) Design, implementation, and performance of a load balancer for sip server clusters. IEEE/ACM Trans Netw 20(4):1190–1202CrossRef

27.

Kambourakis G, Geneiatakis D, Gritzalis S, Lambrinoudakis C, Dagiuklas T, Ehlert S, Fiedler J (2010) High availability for sip: Solutions and real-time measurement performance evaluation. Int J Disaster Recovery Business Continuity 1(1):11–30

28.

Kurt B, Yıldız Ç, Ceritli TY, Sankur B, Cemgil AT (2018) A bayesian change point model for detecting sip-based ddos attacks. Digital Signal Processing 77:48–62MathSciNetCrossRef

29.

Langen AR, Kramer R, Connelly D, Khan RN, Beatty J, Cosmadopoulos I, Cheenath M (2010) Sip server architecture fault tolerance and failover. US Patent 7,661,027

30.

Linda O, Vollmer T, Manic M (2009) Neural network based intrusion detection system for critical infrastructures. In: 2009 International joint conference on neural networks, pp 1827–1834. IEEE

31.

Ma X, Gao H, Xu H, Bian M (2019) An iot-based task scheduling optimization scheme considering the deadline and cost-aware scientific workflow for cloud computing. EURASIP J Wirel Commun Netw 2019(1):1–19CrossRef

32.

Manan J, Ahmed A, Ullah I, Merghem-Boulahia L, Gaïti D (2019) Distributed intrusion detection scheme for next generation networks. J Netw Comput Appl 147(102):422

33.

Mladenov B (2018) Research and solutions for ddos detection and mitigation with software defined networks

34.

Nassar M, Festor O, et al. (2010) Labeled voip data-set for intrusion detection evaluation. In: Meeting of the european network of universities and companies in information and communication engineering, pp 97–106. Springer

35.

Pan Y, Sun F, Teng Z, White J, Schmidt DC, Staples J, Krause L (2019) Detecting web attacks with end-to-end deep learning. J Internet Serv Appl 10(1):1–22CrossRef

36.

Rahal R, Korba AA, Ghoualmi-Zine N (2020) Towards the development of realistic dos dataset for intelligent transportation systems. Wirel Pers Commun, 1–30

37.

Sanders J (2015) Chinese government linked to largest ddos attack in github history. TechRepublic April

38.

Schooler E, Rosenberg J, Schulzrinne H, Johnston A, Camarillo G, Peterson J, Sparks R, Handley MJ (2002) SIP: Session Initiation Protocol. RFC 3261. https://doi.org/10.17487/RFC3261. https://rfc-editor.org/rfc/rfc3261.txt

39.

Semerci M, Cemgil AT, Sankur B (2018) An intelligent cyber security system against ddos attacks in sip networks. Comput Netw 136:137–154CrossRef

40.

Sharafaldin I, Lashkari AH, Ghorbani AA (2018) Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: ICISSP, pp. 108–116

41.

Shim CB, Xie L (2010) System and method for load balancing a communications network. US Patent 7,805,517

42.

Shiravi A, Shiravi H, Tavallaee M, Ghorbani A A (2012) Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput Secur 31(3):357–374CrossRef

43.

Shoket H, Aulakh JS (2018) Secure voip lte network for secure transmission using plrt (packet level restraining technique) under ddos attack. In: 2018 5Th International conference on signal processing and integrated networks (SPIN), pp 878–882. IEEE

44.

Shone N, Ngoc TN, Phai VD, Shi Q (2018) A deep learning approach to network intrusion detection. IEEE Trans Emerging Topics Comput Intell 2(1):41–50CrossRef

45.

Tas IM, Ugurdogan B, Baktir S (2016) Novel session initiation protocol-based distributed denial-of-service attacks and effective defense strategies. Comput Secur 63:29–44CrossRef

46.

Tsiatsikas Z, Fakis A, Papamartzivanos D, Geneiatakis D, Kambourakis G, Kolias C (2015) Battling against ddos in sip: is machine learning-based detection an effective weapon?. In: E-business and telecommunications (ICETE), 2015 12th international joint conference on, vol 4, pp 301–308. IEEE

47.

Tsiatsikas Z, Geneiatakis D, Kambourakis G, Keromytis AD (2015) An efficient and easily deployable method for dealing with dos in sip services. Comput Commun 57:50–63CrossRef

48.

Wang C, Wu J, Zheng X, Pei B, Zhang X, Yu D, Tang J (2020) Leveraging icn with network sensing for intelligent transportation systems: A dynamic naming approach. IEEE Sensors Journal

49.

Yang X, Zhou S, Cao M (2020) An approach to alleviate the sparsity problem of hybrid collaborative filtering based recommendations: The product-attribute perspective from user reviews. Mobile Networks & Applications 25(2)

50.

Yin Y, Cao Z, Xu Y, Gao H, Li R, Mai Z (2020) Qos prediction for service recommendation with features learning in mobile edge computing environment. IEEE Trans Cogn Commun Netw 6 (4):1136–1145CrossRef

51.

Yu J (2016) An empirical study of denial of service (dos) against voip. In: 2016 15Th international conference on ubiquitous computing and communications and 2016 international symposium on cyberspace and security (IUCC-CSS), pp 54–60. IEEE,

52.

Yuan X, Li C, Li X (2017) Deepdefense: identifying ddos attack via deep learning. In: 2017 IEEE International conference on smart computing (SMARTCOMP), pp 1–8. IEEE

Title: A Deep Learning Approach to Detection and Mitigation of Distributed Denial of Service Attacks in High Availability Intelligent Transport Systems
Authors: Nitish Mahajan
Amita Chauhan
Harish Kumar
Sakshi Kaushal
Arun Kumar Sangaiah
Publication date: 28-04-2022
Publisher: Springer US
Published in: Mobile Networks and Applications / Issue 4/2022
Print ISSN: 1383-469X
Electronic ISSN: 1572-8153
DOI: https://doi.org/10.1007/s11036-022-01973-z

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

ATZelektronik

ATZelectronics worldwide

Other articles of this Issue 4/2022

Cascade Forward Artificial Neural Network based Behavioral Predicting Approach for the Integrated Satellite-terrestrial Networks

Correction to: Deep Reinforcement Learning for Load Balancing of Edge Servers in IoV

Multi Source Data Association Clustering Analysis Based on Symmetric Encryption Algorithm

Multi-UAV Collaborative Wireless Communication Networks for Single Cell Edge Users

The Calculation Method of the Network Security Probability of the Multi-rail Division Based on Fuzzy Inference

Editorial: Intelligent Collaboration Under Internet of Things and Mobile Edge Computing