Abstract
This paper proposes detecting attacks in the traffic of backbone networks by applying wavelet transforms combined with clustering of the obtained and transformed coefficients. The wavelet transform coefficients obtained from the parameters of network packets are checked for their degree of multiple dependence; on that basis the standard deviation is calculated, and the resulting coefficients are clustered to identify anomalies in the network flow under investigation. Experiments on detecting denial of service attacks confirm the efficiency of the proposed method.
Ethics declarations
The authors declare that they have no conflicts of interest.
Additional information
Translated by M. Chubarova
About this article
Cite this article
Alekseev, I.V. Detection of Distributed Denial of Service Attacks in Large-Scale Networks Based on Methods of Mathematical Statistics and Artificial Intelligence. Aut. Control Comp. Sci. 54, 952–957 (2020). https://doi.org/10.3103/S0146411620080052
DOI: https://doi.org/10.3103/S0146411620080052