
Ensemble Classifiers with Drift Detection (ECDD) in Traffic Flow Streams to Detect DDOS Attacks

Published: 01 April 2018

Abstract

Malfunction of internet networking systems can, in one way or another, adversely affect many aspects of contemporary information and communication technologies. In such conditions, DDoS attacks are a prevalent threat, in which computation and communication resources are flooded with requests so that the service becomes unavailable to legitimate users. DDoS attacks must be defended against in order to guard critical resources. The contribution of this manuscript is an ensemble classifier model to defend against DDoS attacks. The proposed model is based on an ensemble classifier with drift detection ability at the service request stream level. The proposed model incorporates the process of defining service request stream characteristics and enables drift detection that uses the defined characteristics. The experimental study was carried out on a setup established using a synthesized service request stream, and the results obtained are explored using statistical metrics such as true negative rate, positive predictive value, and accuracy. Moreover, the significance of the model is underscored by comparing the obtained results with results from other benchmark models described in contemporary literature.

Published In

Wireless Personal Communications: An International Journal, Volume 99, Issue 4
April 2018
294 pages

Publisher

Kluwer Academic Publishers

United States

Author Tags

  1. Application layer DDoS (APP-DDoS)
  2. Denial of service (DoS) attacks
  3. Distributed DoS (DDoS) attacks
  4. Ensemble classifier model

Qualifiers

  • Article

Cited By

  • (2021) Flow based anomaly intrusion detection system using ensemble classifier with Feature Impact Scale. Cluster Computing, 24:3 (2461-2478). DOI: 10.1007/s10586-021-03277-5. Online publication date: 1-Sep-2021
  • (2021) Traffic classification in server farm using supervised learning techniques. Neural Computing and Applications, 33:4 (1279-1296). DOI: 10.1007/s00521-020-05030-2. Online publication date: 1-Feb-2021
  • (2020) Improved Network Traffic by Attacking Denial of Service to Protect Resource Using Z-Test Based 4-Tier Geomark Traceback (Z4TGT). Wireless Personal Communications: An International Journal, 114:4 (3541-3575). DOI: 10.1007/s11277-020-07546-1. Online publication date: 1-Oct-2020
  • (2020) Detection of Low-Rate Cloud DDoS Attacks in Frequency Domain Using Fast Hartley Transform. Wireless Personal Communications: An International Journal, 112:3 (1735-1762). DOI: 10.1007/s11277-020-07125-4. Online publication date: 1-Jun-2020
