nach oben

Arabian Journal for Science and Engineering

Erschienen in:

23.01.2022 | Research Article-Computer Engineering and Computer Science

VMFCVD: An Optimized Framework to Combat Volumetric DDoS Attacks using Machine Learning

verfasst von: Arvind Prasad, Shalini Chandra

Erschienen in: Arabian Journal for Science and Engineering | Ausgabe 8/2022

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Despite significant development in distributed denial of service (DDoS) defense systems, the downtime caused by DDoS damages reputation, crushes end-user experience, and leads to considerable revenue loss. Volumetric DDoS attacks are the most common form of DDoS attack and are carried out by an army of infected IoT devices or by reflector servers, which increase attacks at massive scales. In this work, we propose a voting-based multimode framework to combat volumetric DDoS (VMFCVD) attacks. VMFCVD is based on a triad of fast detection mode (FDM), defensive fast detection mode (DFDM), and high accuracy mode (HAM) methods. FDM is designed to classify network traffic when the server is under attack. The highly dimensionally reduced dataset helps FDM accelerate detection speed. During our experiment, the dimension reduction for FDM was more than 97% while maintaining an accuracy of 99.9% in most cases. DFDM is an extended version of FDM that enhances malicious network traffic detection accuracy by tightening the detection technique. HAM focuses on detection accuracy, showing substantial improvement over FDM and DFDM. HAM activates when the server is stable. VMFCVD is extensively experimented on the latest benchmark DDoS and botnet datasets, namely the CICIDS2017 (BoT & DDoS), CSE-CIC-IDS2018 (BoT & DDoS), CICDDoS2019 (DNS, LDAP, SSDP & SYN), DoHBrw2020, NBaIoT2018 (Mirai), UNSW2018 BoTIoT, and UNSW NB15 datasets. The VMFCVD results show that it outperforms recent studies. VMFCVD performs exceptionally well when the server is under DDoS attack.

Vorheriger Artikel Arabic Handwritten Recognition Using Deep Learning: A Survey

Nächster Artikel Evaluation of Residual Strength of Corroded Reinforced Concrete Beams Using Machine Learning Models

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Kolias, C.; Kambourakis, G.; Stavrou, A.; Voas, J.: Ddos in the iot: Mirai and other botnets. Computer 50(7), 80–84 (2017). https://doi.org/10.1109/MC.2017.201CrossRef

Mielke, C.J.; Chen, H.: Botnets, and the cybercriminal underground. In: 2008 IEEE International Conference on Intelligence and Security Informatics, pp. 206–211. IEEE (2008). https://doi.org/10.1109/ISI.2008.4565058

Wang, A.; Chang, W.; Chen, S.; Mohaisen, A.: A data-driven study of DDoS attacks and their dynamics. IEEE Trans. Dependable Secure Comput. 17(3), 648–661 (2018). https://doi.org/10.1109/TDSC.2018.2808344CrossRef

Jonker, M.; King, A.; Krupp, J.; Rossow, C.; Sperotto, A.; Dainotti, A.: Millions of targets under attack: a macroscopic characterization of the dos ecosystem. In: Proceedings of the 2017 Internet Measurement Conference, pp. 100–113 (2017). https://doi.org/10.1145/3131365.3131383

Humayun, M.; Niazi, M.; Jhanjhi, N.; Alshayeb, M.; Mahmood, S.: Cyber security threats and vulnerabilities: a systematic mapping study. Arab. J. Sci. Eng. 45(4), 3171–3189 (2020). https://doi.org/10.1007/s13369-019-04319-2CrossRef

Warburton, D.: DDoS Attack Trends for 2020, F5Labs (2020). https://www.f5.com/labs/articles/threat-intelligence/ddos-attack-trends-for-2020. Accessed 6 Aug 2021

Costa Gondim, J.J.; de Oliveira Albuquerque, R.; Clayton Alves Nascimento, A.; García Villalba, L.J.; Kim, T.-H.: A methodological approach for assessing amplified reflection distributed denial of service on the internet of things. Sensors 16(11), 1855 (2016). https://doi.org/10.3390/s16111855

Aamir, M.; Zaidi, S.M.A.: DDoS attack detection with feature engineering and machine learning: the framework and performance evaluation. Int. J. Inf. Secur. 18(6), 761–785 (2019). https://doi.org/10.1007/s10207-019-00434-1CrossRef

Doriguzzi-Corin, R.; Millar, S.; Scott-Hayward, S.; Martinez-del-Rincon, J.; Siracusa, D.: Lucid: a practical, lightweight deep learning solution for DDoS attack detection. IEEE Trans. Netw. Serv. Manag. 17(2), 876–889 (2020). https://doi.org/10.1109/TNSM.2020.2971776CrossRef

10.

Jia, Y.; Zhong, F.; Alrawais, A.; Gong, B.; Cheng, X.: Flowguard: an intelligent edge defense mechanism against IoT DDoS attacks. IEEE Internet Things J. 7(10), 9552–9562 (2020). https://doi.org/10.1109/JIOT.2020.2993782CrossRef

11.

Injadat, M.; Moubayed, A.; Nassif, A.B.; Shami, A.: Multi-stage optimized machine learning framework for network intrusion detection. IEEE Trans. Netw. Serv. Manag. (2020). https://doi.org/10.1109/TNSM.2020.3014929CrossRef

12.

Priyadarshini, R.; Barik, R.K.: A deep learning based intelligent framework to mitigate DDoS attack in fog environment. J. King Saud Univ. Comput. Inf. Sci. (2019). https://doi.org/10.1016/j.jksuci.2019.04.010CrossRef

13.

Aamir, M.; Zaidi, S.M.A.: Clustering based semi-supervised machine learning for DDoS attack classification. J. King Saud Univ. Comput. Inf. Sci. (2019). https://doi.org/10.1016/j.jksuci.2019.02.003CrossRef

14.

ur Rehman, S.; Khaliq, M.; Imtiaz, S.I.; Rasool, A.; Shafiq, M.; Javed, A.R.; Jalil, Z.; Bashir, A.K.: Diddos: An approach for detection and identification of distributed denial of service (DDoS) cyberattacks using gated recurrent units (GRU). Future Gener. Comput. Syst. 118, 453–466 (2021). https://doi.org/10.1016/j.future.2021.01.022

15.

Popoola, S.I.; Adebisi, B.; Hammoudeh, M.; Gui, G.; Gacanin, H.: Hybrid deep learning for botnet attack detection in the internet-of-things networks. IEEE Internet Things J. 8(6), 4944–4956 (2020). https://doi.org/10.1109/JIOT.2020.3034156CrossRef

16.

Ravi, N.; Shalinie, S.M.: Learning-driven detection and mitigation of DDoS attack in IoT via SDN-cloud architecture. IEEE Internet Things J. 7(4), 3559–3570 (2020). https://doi.org/10.1109/JIOT.2020.2973176CrossRef

17.

Gu, Y.; Li, K.; Guo, Z.; Wang, Y.: Semi-supervised k-means DDoS detection method using hybrid feature selection algorithm. IEEE Access 7, 64351–64365 (2019). https://doi.org/10.1109/ACCESS.2019.2917532CrossRef

18.

Bawany, N.Z.; Shamsi, J.A.; Salah, K.: DDoS attack detection and mitigation using SDN: methods, practices, and solutions. Arab. J. Sci. Eng. 42(2), 425–441 (2017). https://doi.org/10.1007/s13369-017-2414-5CrossRef

19.

Idhammad, M.; Afdel, K.; Belouch, M.: Semi-supervised machine learning approach for DDoS detection. Appl. Intell. 48(10), 3193–3208 (2018). https://doi.org/10.1007/s10489-018-1141-2CrossRef

20.

Singh, D.; Singh, B.: Investigating the impact of data normalization on classification performance. Appl. Soft Comput. 97, 105524 (2020). https://doi.org/10.1016/j.asoc.2019.105524CrossRef

21.

Kasun, L.L.C.; Yang, Y.; Huang, G.-B.; Zhang, Z.: Dimension reduction with extreme learning machine. IEEE Trans. Image Process. 25(8), 3906–3918 (2016). https://doi.org/10.1109/TIP.2016.2570569MathSciNetCrossRefMATH

22.

Gao, L.; Wu, W.: Relevance assignation feature selection method based on mutual information for machine learning. Knowl. Based Syst. 209, 106439 (2020). https://doi.org/10.1016/j.knosys.2020.106439CrossRef

23.

Hall, M.A.: Correlation-based feature selection for machine learning (1999)

24.

Osisanwo, F.; Akinsola, J.; Awodele, O.; Hinmikaiye, J.; Olakanmi, O.; Akinjobi, J.: Supervised machine learning algorithms: classification and comparison. Int. J. Comput. Trends Technol. (IJCTT) 48(3), 128–138 (2017)CrossRef

25.

Sharafaldin, I.; Lashkari, A.H.; Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp 1, 108–116 (2018)

26.

Sharafaldin, I.; Lashkari, A.H.; Hakak, S.; Ghorbani, A.A.: Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy. In: 2019 International Carnahan Conference on Security Technology (ICCST), pp. 1–8. IEEE (2019). https://doi.org/10.1109/CCST.2019.8888419

27.

MontazeriShatoori, M.; Davidson, L.; Kaur, G.; Lashkari, A.H.: Detection of DoH tunnels using time-series classification of encrypted traffic. In: 2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress, pp. 63–70. IEEE (2020). https://doi.org/10.1109/DASC-PICom-CBDCom-CyberSciTech49142.2020.00026

28.

Meidan, Y.; Bohadana, M.; Mathov, Y.; Mirsky, Y.; Shabtai, A.; Breitenbacher, D.; Elovici, Y.: N-baiot—network-based detection of IoT botnet attacks using deep autoencoders. IEEE Pervasive Comput. 17(3), 12–22 (2018). https://doi.org/10.1109/MPRV.2018.03367731CrossRef

29.

Koroniotis, N.; Moustafa, N.; Sitnikova, E.; Turnbull, B.: Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot-IoT dataset. Futur. Gener. Comput. Syst. 100, 779–796 (2019). https://doi.org/10.1016/j.future.2019.05.041

30.

Moustafa, N.; Slay, J.: UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: 2015 Military Communications and Information Systems Conference (MilCIS), pp. 1–6. IEEE (2015). https://doi.org/10.1109/MilCIS.2015.7348942

31.

Ferrag, M.A.; Maglaras, L.; Ahmim, A.; Derdour, M.; Janicke, H.: Rdtids: rules and decision tree-based intrusion detection system for internet-of-things networks. Futur. Internet 12(3), 44 (2020). https://doi.org/10.3390/fi12030044

32.

Prasad, M.; Tripathi, S.; Dahal, K.: An efficient feature selection based Bayesian and rough set approach for intrusion detection. Appl. Soft Comput. 87, 105980 (2020). https://doi.org/10.1016/j.asoc.2019.105980CrossRef

33.

Sarhan, M.; Layeghy, S.; Moustafa, N.; Portmann, M.: Netflow datasets for machine learning-based network intrusion detection systems. arXiv preprint arXiv:2011.09144 (2020)

34.

Alamri, H.A.; Thayananthan, V.: Bandwidth control mechanism and extreme gradient boosting algorithm for protecting software-defined networks against DDoS attacks. IEEE Access 8, 194269–194288 (2020). https://doi.org/10.1109/ACCESS.2020.3033942CrossRef

35.

Liu, Z.; Thapa, N.; Shaver, A.; Roy, K.; Siddula, M.; Yuan, X.; Yu, A.: Using embedded feature selection and CNN for classification on CCD-INID-V1—a new IoT dataset. Sensors 21(14), 4834 (2021). https://doi.org/10.3390/s21144834CrossRef

36.

Jafar, M.T.; Al-Fawa’reh, M.; Al-Hrahsheh, Z.; Jafar, S.T.: Analysis and investigation of malicious DNS queries using CIRA-CIC-DoHBrW-2020 dataset

37.

Palla, T.G.; Tayeb, S.: Intelligent Mirai malware detection for IoT nodes. Electronics 10(11), 1241 (2021). https://doi.org/10.3390/electronics10111241CrossRef

38.

Karthik, M.G.; Krishnan, M.M.: Hybrid random forest and synthetic minority over sampling technique for detecting internet of things attacks. J. Ambient. Intell. Humaniz. Comput. 1–11 (2021). https://doi.org/10.1007/s12652-021-03082-3

39.

Mafarja, M.; Heidari, A.A.; Habib, M.; Faris, H.; Thaher, T.; Aljarah, I.: Augmented whale feature selection for IoT attacks: structure, analysis and applications. Futur. Gener. Comput. Syst. 112, 18–40 (2020). https://doi.org/10.1016/j.future.2020.05.020CrossRef

40.

Al-Hawawreh, M.; Moustafa, N.; Garg, S.; Hossain, M.S.: Deep learning-enabled threat intelligence scheme in the internet of things networks. IEEE Trans. Netw. Sci. Eng. (2020). https://doi.org/10.1109/TNSE.2020.3032415CrossRef

41.

Yang, Y.; Zheng, K.; Wu, C.; Niu, X.; Yang, Y.: Building an effective intrusion detection system using the modified density peak clustering algorithm and deep belief networks. Appl. Sci. 9(2), 238 (2019). https://doi.org/10.3390/app9020238CrossRef

42.

Gao, Y.; Wu, H.; Song, B.; Jin, Y.; Luo, X.; Zeng, X.: A distributed network intrusion detection system for distributed denial of service attacks in vehicular ad hoc network. IEEE Access 7, 154560–154571 (2019). https://doi.org/10.1109/ACCESS.2019.2948382CrossRef

Titel: VMFCVD: An Optimized Framework to Combat Volumetric DDoS Attacks using Machine Learning
verfasst von: Arvind Prasad
Shalini Chandra
Publikationsdatum: 23.01.2022
Verlag: Springer Berlin Heidelberg
Erschienen in: Arabian Journal for Science and Engineering / Ausgabe 8/2022
Print ISSN: 2193-567X
Elektronische ISSN: 2191-4281
DOI: https://doi.org/10.1007/s13369-021-06484-9

Premium Partner

Marktübersichten

Die im Laufe eines Jahres in der „adhäsion“ veröffentlichten Marktübersichten helfen Anwendern verschiedenster Branchen, sich einen gezielten Überblick über Lieferantenangebote zu verschaffen.

Zur Marktübersicht

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Weitere Artikel der Ausgabe 8/2022

Anisotropic Diffusion Filter Based on Spiking Neural Network Model

DRBF-DS: Double RBF Kernel-Based Deep Sampling with CNNs to Handle Complex Imbalanced Datasets

An Adaptive MRI-PET Image Fusion Model Based on Deep Residual Learning and Self-Adaptive Total Variation

Evaluation of Residual Strength of Corroded Reinforced Concrete Beams Using Machine Learning Models

EOSMA: An Equilibrium Optimizer Slime Mould Algorithm for Engineering Design Problems

Histogram of Low-Level Visual Features for Salient Feature Extraction

Premium Partner

Marktübersichten