Top

Published in:

2021 | OriginalPaper | Chapter

An HTTP DDoS Detection Model Using Machine Learning Techniques for the Cloud Environment

Authors : N. Muraleedharan, B. Janet

Published in: Advances in Computing and Network Communications

Publisher: Springer Singapore

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The cloud computing platform has been evolved as an essential computing paradigm for today's world. As the cloud environment mainly focuses on the service model, to ensure the availability of these services to the intended user is an essential requirement. In this paper, an HTTP DDoS detection model for the cloud environment is presented. The proposed system uses machine learning-based classifiers on network flow data. Four tree-based classifiers, i.e., decision tree, random forest, XGBoost, and AdaBoost are applied to the identified parameters. The CIDDS-001 dataset were used for training and evaluation. Results obtained show that the proposed classifier can achieve 99.99% accuracy using the random forest classifier. Comparing the obtained results with the recent works available in the literature shows the proposed model outperforms it in the classification accuracy.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Digital Image Transmission Using Combination of DWT-DCT Watermarking and AES Technique

next chapter IoT Device Authentication and Access Control Through Hyperledger Fabric

P. Mell, T. Grance, in The NIST definition of cloud computing. Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology, Sept 2011

Cloud Security Alliance, The Treacherous 12—Top Threats to Cloud Computing + Industry Insights. Cloud Security Alliance, 2017. [Online]. Available: https://downloads.cloudsecurityalliance.org/assets/research/top-threats/treacherous-12-top-threats.pdf.

Z. Xiao, Y. Xiao, Security and Privacy in Cloud Computing. IEEE Commun. Surv. Tutor. 15(2), 843–859 (2013)CrossRef

N. Hoque, D.K. Bhattacharyya, J.K. Kalita, Botnet in DDoS Attacks: Trends and Challenges. IEEE Commun. Surv. Tutor. 17(4), 2242–2270 (2015). https://doi.org/10.1109/COMST.2015.2457491CrossRef

C. Rossow, in Amplification Hell: Revisiting Network Protocols for DDoS Abuse (2014).

F.J. Ryba, M. Orlinski, M. Wählisch, C. Rossow, T.C. Schmidt, in Amplification and DRDoS Attack Defense—A survey and New Perspectives. arXiv preprint arXiv:1505.07892 (2015)

N. Muraleedharan, B. Janet, Behaviour analysis of HTTP based slow denial of service attack, in 2017 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET) (2017), pp. 1851–1856

K. Alieyan, M.M. Kadhum, M. Anbar, S.U. Rehman, N.K.A. Alajmi, An overview of DDoS attacks based on DNS, in 2016 International Conference on Information and Communication Technology Convergence (ICTC), Jeju, Oct 2016, pp. 276–280. https://doi.org/10.1109/ICTC.2016.7763485

T. Zhang, Y. Zhang, R.B. Lee, Dos attacks on your memory in cloud, in Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security (2017), pp. 253–265

10.

M. Masdari, M. Jalali, A survey and taxonomy of DoS attacks in cloud computing. Secur. Commun. Networks 9(16), 3724–3751 (2016)CrossRef

11.

G. Somani, M.S. Gaur, D. Sanghi, M. Conti, R. Buyya, DDoS attacks in cloud computing: Issues, taxonomy, and future directions. Comput. Commun. 107, 30–48 (2017)CrossRef

12.

N. Agrawal, S. Tapaswi, Defense mechanisms against DDoS attacks in a cloud computing environment: State-of-the-art and research challenges. IEEE Commun. Surv. Tutorials 21(4), 3769–3795 (2019)CrossRef

13.

G. Somani, M.S. Gaur, D. Sanghi, DDoS/EDoS attack in cloud: affecting everyone out there!, in Proceedings of the 8th International Conference on Security of Information and Networks (2015), pp. 169–176

14.

S. Velliangiri, P. Karthikeyan, V. Vinoth Kumar, Detection of distributed denial of service attack in cloud computing using the optimization-based deep networks. J. Experim. Theor. Artif. Intell. 1–20 (2020). https://doi.org/10.1080/0952813X.2020.1744196

15.

M. Idhammad, K. Afdel, M. Belouch, Detection system of HTTP DDoS attacks in a cloud environment based on information theoretic entropy and random forest, in Security and Communication Networks, vol. 2018 (2018)

16.

J. David, C. Thomas, DDoS attack detection using fast entropy approach on flow-based network traffic. Procedia Comput. Sci. 50(4), 30–36 (2015)CrossRef

17.

M. Zekri, S. El Kafhali, N. Aboutabit, Y. Saadi, DDoS attack detection using machine learning techniques in cloud computing environments, in 2017 3rd International Conference of Cloud Computing Technologies and Applications (CloudTech) (2017), pp. 1–7

18.

N. Mishra, R.K. Singh, DDoS vulnerabilities analysis and mitigation model in cloud computing. J. Discrete Math. Sci. Cryptogr. 23(2), 535–545 (2020). https://doi.org/10.1080/09720529.2020.1729503CrossRef

19.

D.J. Prathyusha, S. Naseera, D.J. Anusha, K. Alisha, A review of biologically inspired algorithms in a cloud environment to combat DDoS attacks, in Smart Intelligent Computing and Applications, vol. 160, ed. by S.C. Satapathy, V. Bhateja, J.R. Mohanty, S.K. Udgata (Springer, Singapore, 2020), pp. 59–68CrossRef

20.

A. Sperotto, G. Schaffrath, R. Sadre, C. Morariu, A. Pras, B. Stiller, An overview of IP flow-based intrusion detection. IEEE Commun. Surv. Tutor. 12(3), 343–356 (2010)CrossRef

21.

M. Ring, S. Wunderlich, D. Grüdl, D. Landes, A. Hotho, Creation of flow-based data sets for intrusion detection. J. Inform. Warfare 16(4), 40–53 (2017)

22.

M. Ring, S. Wunderlich, D. Grüdl, D. Landes, A. Hotho, Flow-based benchmark data sets for intrusion detection, in Proceedings of the 16th European Conference on Cyber Warfare and Security (ECCWS) (ACPI, 2017), pp. 361–369

23.

M. Ring, S. Wunderlich, D. Grüdl, Technical Report CIDDS-001 data set, April 28, 2017. https://www.hs-coburg.de/fileadmin/hscoburg/Forschung/WISENT_cidds_Technical_Report.pdf

24.

F. Pedregosa, et al., Scikit-learn: machine learning in Python. J. Mach. Learn. Res. 12, 2825–2830 (2011)

Title: An HTTP DDoS Detection Model Using Machine Learning Techniques for the Cloud Environment
Authors: N. Muraleedharan
B. Janet
Publisher: Springer Singapore
Book: Advances in Computing and Network Communications
Print ISBN: 978-981-336-976-4

Electronic ISBN: 978-981-336-977-1

Copyright Year: 2021
DOI: https://doi.org/10.1007/978-981-33-6977-1_50

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"