Skip to main content
Top
Published in: Mobile Networks and Applications 4/2021

11-01-2020

MF-CNN: a New Approach for LDoS Attack Detection Based on Multi-feature Fusion and CNN

Authors: Dan Tang, Liu Tang, Wei Shi, Sijia Zhan, Qiuwei Yang

Published in: Mobile Networks and Applications | Issue 4/2021

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

Low-rate denial-of-service (LDoS) attack reduce the performance of network services by periodically sending short-term and high-pulse packets. The behavior of LDoS attack is indistinguishable from normal traffic due to its low average rate. Many networks do not have an effective mechanism to deal with the threat from LDoS attack, including the emerging Internet of Things. When LDoS attack occurs, multiple features of network will change. It is difficult to describe the state of the whole network by one feature. So it needs many features to precisely represent the state of the network. In this paper, we propose a LDoS attack detection method based on multi-feature fusion and convolution neural network(CNN). In this method, we compute a variety of network features and fuse them into a feature map, which will be used to characterize the state of the network. CNN model is an excellent classification algorithm for image recognition in the field of deep learning. It can distinguish the difference between feature maps and detect the feature maps which contain LDoS attack. We validate and evaluate our method by conducting experiments on NS2 simulation platform and test-bed platform. The experimental results show that our method can detect LDoS attack effectively.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Show more products
Literature
1.
go back to reference Wen K, Hai YJ, Zhang B, University T (2014) Survey on Research and Progress of Low-Rate Denial of Service Attacks. J Softw 533(7):37 Wen K, Hai YJ, Zhang B, University T (2014) Survey on Research and Progress of Low-Rate Denial of Service Attacks. J Softw 533(7):37
2.
go back to reference Yanxiang HE, Liu T, Cao Q, Xiong Q (2008) A survey of Low-rate Denial-of-Service attacks. J Frontiers Comput Sci Technol Yanxiang HE, Liu T, Cao Q, Xiong Q (2008) A survey of Low-rate Denial-of-Service attacks. J Frontiers Comput Sci Technol
3.
go back to reference Somani G, Gaur MS, Sanghi D, Conti M (2016) DDoS attacks in cloud computing. Comput Netw Int J Comput Telecomm Netw 109(P2):157 Somani G, Gaur MS, Sanghi D, Conti M (2016) DDoS attacks in cloud computing. Comput Netw Int J Comput Telecomm Netw 109(P2):157
4.
go back to reference Hameed S, Ahmed Khan H (2018) SDN Based Collaborative Scheme for Mitigation of DDoS Attacks. Future Internet 10(3):23CrossRef Hameed S, Ahmed Khan H (2018) SDN Based Collaborative Scheme for Mitigation of DDoS Attacks. Future Internet 10(3):23CrossRef
5.
go back to reference Guan L, Guangjun HU, Wang Z (2016) Research on Network Security Situational Awareness Technology Based on Big Data. Netinfo Security Guan L, Guangjun HU, Wang Z (2016) Research on Network Security Situational Awareness Technology Based on Big Data. Netinfo Security
6.
go back to reference Jayanthi S, Kumar A (2015) RTO randomization for Low rate DOS attack on a Feedback controlled system. Int J Adv Res Comput Sci 6(2) Jayanthi S, Kumar A (2015) RTO randomization for Low rate DOS attack on a Feedback controlled system. Int J Adv Res Comput Sci 6(2)
7.
go back to reference Litjens G, Kooi T, Bejnordi BE, Setio AAA, Ciompi F, Ghafoorian M, Van Der Laak JA, Van Ginneken B, Sánchez CI (2017) A survey on deep learning in medical image analysis. Medical Image Analysis 42:60CrossRef Litjens G, Kooi T, Bejnordi BE, Setio AAA, Ciompi F, Ghafoorian M, Van Der Laak JA, Van Ginneken B, Sánchez CI (2017) A survey on deep learning in medical image analysis. Medical Image Analysis 42:60CrossRef
8.
9.
go back to reference Zhang C, Cai Z, Chen W, Luo X, Yin J (2012) Flow level detection and filtering of low-rate DdoS. Comput Netw Int J Comput Telecomm Netw 56(15):3417 Zhang C, Cai Z, Chen W, Luo X, Yin J (2012) Flow level detection and filtering of low-rate DdoS. Comput Netw Int J Comput Telecomm Netw 56(15):3417
10.
go back to reference Wu Z, Zhang HT, Wang MH, Pei BS (2012) MSABMS-based approach of detecting LDoS attack. Comput Secur 31(4):402CrossRef Wu Z, Zhang HT, Wang MH, Pei BS (2012) MSABMS-based approach of detecting LDoS attack. Comput Secur 31(4):402CrossRef
11.
go back to reference Wu Z, Zhang L, Yue M (2016) Low-Rate DoS Attacks Detection Based on Network Multifractal. IEEE Trans Dependable Secure Comput 13(5):559CrossRef Wu Z, Zhang L, Yue M (2016) Low-Rate DoS Attacks Detection Based on Network Multifractal. IEEE Trans Dependable Secure Comput 13(5):559CrossRef
12.
go back to reference Şimşek M (2015) A new metric for flow-level filtering of low-rate DDoS attacks. Secur Commun Netw 8 (18):3815CrossRef Şimşek M (2015) A new metric for flow-level filtering of low-rate DDoS attacks. Secur Commun Netw 8 (18):3815CrossRef
13.
go back to reference Agrawal N, Tapaswi S (2018) Low rate cloud DDoS attack defense method based on power spectral density analysis. Inform Process Lett 138:44–55MathSciNetCrossRef Agrawal N, Tapaswi S (2018) Low rate cloud DDoS attack defense method based on power spectral density analysis. Inform Process Lett 138:44–55MathSciNetCrossRef
14.
go back to reference Wu X, Tang D, Tang L, Man J, Zhan S, Liu Q (2018) A Low-Rate DoS Attack Detection Method Based on Hilbert Spectrum and Correlation. In: IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI). IEEE, 2018, pp 1358–1363 Wu X, Tang D, Tang L, Man J, Zhan S, Liu Q (2018) A Low-Rate DoS Attack Detection Method Based on Hilbert Spectrum and Correlation. In: IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI). IEEE, 2018, pp 1358–1363
15.
go back to reference Guo Y, Duan H, Chen J, Miao F (2016) MAF-SAM: An Effective Method to Perceive Data Plane Threats of Inter Domain Routing System. Comput Netw 110:69CrossRef Guo Y, Duan H, Chen J, Miao F (2016) MAF-SAM: An Effective Method to Perceive Data Plane Threats of Inter Domain Routing System. Comput Netw 110:69CrossRef
16.
go back to reference Yue M, Liu L, Wu Z, Wang M (2017) Identifying LDoS attack traffic based on wavelet energy spectrum and combined neural network. Int J Comm Sys 31(2) Yue M, Liu L, Wu Z, Wang M (2017) Identifying LDoS attack traffic based on wavelet energy spectrum and combined neural network. Int J Comm Sys 31(2)
17.
go back to reference Wu Z, Jiang J, Yue M (2017) A Particle Filter-Based Approach for Effectively Detecting Low-Rate Denial of Service Attacks. In: International conference on cyber-enabled distributed computing and knowledge discovery, pp 86–90 Wu Z, Jiang J, Yue M (2017) A Particle Filter-Based Approach for Effectively Detecting Low-Rate Denial of Service Attacks. In: International conference on cyber-enabled distributed computing and knowledge discovery, pp 86–90
18.
go back to reference Zhang X, Wu Z, Chen J, Yue M (2015) An adaptive KPCA approach for detecting LDoS attack. Int J Commun Sys 30:e2993CrossRef Zhang X, Wu Z, Chen J, Yue M (2015) An adaptive KPCA approach for detecting LDoS attack. Int J Commun Sys 30:e2993CrossRef
19.
go back to reference Na W, Zhaoyang M, Liangchun Z (2015) Distributed denial of service convert flow detection based on data stream potential energy feature. Comput Eng 41(3):142 Na W, Zhaoyang M, Liangchun Z (2015) Distributed denial of service convert flow detection based on data stream potential energy feature. Comput Eng 41(3):142
20.
go back to reference Tang D, Dai R, Tang L, Zhan S, Man J (2018) Low-Rate DoS Attack Detection Based on Two-Step Cluster Analysis. In: International conference on information and communications security. Springer, pp 92–104 Tang D, Dai R, Tang L, Zhan S, Man J (2018) Low-Rate DoS Attack Detection Based on Two-Step Cluster Analysis. In: International conference on information and communications security. Springer, pp 92–104
21.
go back to reference Cotae P, Kang M, Velazquez A (2016) Spectral analysis of low rate of denial of service attacks detection based on fisher and Siegel tests. In: IEEE international conference on communications (ICC). IEEE, 2016, pp 1–6 Cotae P, Kang M, Velazquez A (2016) Spectral analysis of low rate of denial of service attacks detection based on fisher and Siegel tests. In: IEEE international conference on communications (ICC). IEEE, 2016, pp 1–6
22.
go back to reference Du X, Yang Y, Kang X (2008) Research of Applying Information Entropy and Clustering Technique on Network Traffic Analysis. In: International conference on computational intelligence and security, pp 472–476 Du X, Yang Y, Kang X (2008) Research of Applying Information Entropy and Clustering Technique on Network Traffic Analysis. In: International conference on computational intelligence and security, pp 472–476
23.
go back to reference Belsare SC (2016) Survey on Defeating Dos Attacks in Low Rate Networks Using Network Multifractal. Int J Res Comput Inform Technol 1:19–21 Belsare SC (2016) Survey on Defeating Dos Attacks in Low Rate Networks Using Network Multifractal. Int J Res Comput Inform Technol 1:19–21
24.
go back to reference Chen W, An J, Li R, Li W (2017) Review on deep-learning-based cognitive computing. Acta Automat Sinica 43(11):1886MATH Chen W, An J, Li R, Li W (2017) Review on deep-learning-based cognitive computing. Acta Automat Sinica 43(11):1886MATH
25.
go back to reference Tang D, Chen K, Chen X, Liu H, Li X (2014) Adaptive EWMA Method based on abnormal network traffic for LDoS attacks. Mathematical Problems in Engineering 2014 Tang D, Chen K, Chen X, Liu H, Li X (2014) Adaptive EWMA Method based on abnormal network traffic for LDoS attacks. Mathematical Problems in Engineering 2014
26.
go back to reference Luo X, Chan EWW, Chang RKC (2006) Vanguard: A New Detection Scheme for a Class of TCP-targeted Denial-of-Service Attacks. In: Network operations and management symposium, 2006. NOMS 2006. Ieee/ifip, pp 507–518 Luo X, Chan EWW, Chang RKC (2006) Vanguard: A New Detection Scheme for a Class of TCP-targeted Denial-of-Service Attacks. In: Network operations and management symposium, 2006. NOMS 2006. Ieee/ifip, pp 507–518
27.
go back to reference Rahman MU, Rahman ZU, Fayaz M, Abbas S, Shahsani RK (2017) Performance analysis of TCP/AQM under Low-Rate Denial-of-Service Attacks. In: International conference on inventive computation technologies, pp 1–5 Rahman MU, Rahman ZU, Fayaz M, Abbas S, Shahsani RK (2017) Performance analysis of TCP/AQM under Low-Rate Denial-of-Service Attacks. In: International conference on inventive computation technologies, pp 1–5
28.
go back to reference Chen Z, Pham TND, Chai KY, Bu SL, Lau CT (2017) FRRED: Fourier robust RED algorithm to detect and mitigate LDoS attacks. In: Zooming innovation in consumer electronics international conference, pp 13–17 Chen Z, Pham TND, Chai KY, Bu SL, Lau CT (2017) FRRED: Fourier robust RED algorithm to detect and mitigate LDoS attacks. In: Zooming innovation in consumer electronics international conference, pp 13–17
29.
go back to reference Chen Y, Hwang K, Kwok YK (2005) Collaborative defense against periodic shrew DDoS attacks in frequency domain. In: ACM transactions on information and system security (TISSEC), p 30 Chen Y, Hwang K, Kwok YK (2005) Collaborative defense against periodic shrew DDoS attacks in frequency domain. In: ACM transactions on information and system security (TISSEC), p 30
30.
go back to reference Wu Z, Yue M (2008) Detection of LDDoS attack based on Kalman filtering. Acta Electronica Sinica 36 (8):1590e4 Wu Z, Yue M (2008) Detection of LDDoS attack based on Kalman filtering. Acta Electronica Sinica 36 (8):1590e4
Metadata
Title
MF-CNN: a New Approach for LDoS Attack Detection Based on Multi-feature Fusion and CNN
Authors
Dan Tang
Liu Tang
Wei Shi
Sijia Zhan
Qiuwei Yang
Publication date
11-01-2020
Publisher
Springer US
Published in
Mobile Networks and Applications / Issue 4/2021
Print ISSN: 1383-469X
Electronic ISSN: 1572-8153
DOI
https://doi.org/10.1007/s11036-019-01506-1

Other articles of this Issue 4/2021

Mobile Networks and Applications 4/2021 Go to the issue