Analyzing Feasibility for Deploying Very Fast Decision Tree for DDoS Attack Detection in Cloud-Assisted WBAN

Author(s):  
Rabia Latif ◽  
Haider Abbas ◽  
Saïd Assar ◽  
Seemab Latif
2018 ◽  
Vol 2018 ◽  
pp. 1-14 ◽  
Author(s):  
Jieren Cheng ◽  
Mengyang Li ◽  
Xiangyan Tang ◽  
Victor S. Sheng ◽  
Yifu Liu ◽  
...  

Distributed denial-of-service (DDoS) has caused major damage to cloud computing, and the false- and missing-alarm rates of existing DDoS attack-detection methods are relatively high in cloud environment. In this paper, we propose a DDoS attack-detection method with enhanced random forest (RF) optimized by genetic algorithm based on flow correlation degree (FCD) feature. We define the FCD feature according to the asymmetric and semidirectivity interaction characteristics and use the two-tuples FCD feature consisting of packet-statistical degree (PSD) and semidirectivity interaction abnormality (SDIA) to describe the features of attack flow and normal flow. Then we use a genetic algorithm based on the FCD feature sequences to optimize two key parameters of the decision tree in the RF: the maximum number of decision trees and the maximum depth of every single decision tree. We apply the trained RF model with optimized parameters to generate the classifier to be used for DDoS attack-detection. The experiment shows that the proposed method can effectively detect DDoS attacks in cloud environment with a higher accuracy rate and lower false- and missing-alarm rates compared to existing DDoS attack-detection methods.


Author(s):  
Aween Abubakr Saeed ◽  
Noor Ghazi Mohammed Jameel

The explosive development of information technology is increasingly rising cyber-attacks. Distributed denial of service (DDoS) attack is a malicious threat to the modern cyber-security world, which causes performance disruption to the network servers. It is a pernicious type of attack that can forward a large amount of traffic to damage one or all target’s resources simultaneously and prevents authenticated users from accessing network services. The paper aims to select the least number of relevant DDoS attack detection features by designing an intelligent wrapper feature selection model that utilizes a binary-particle swarm optimization algorithm with a decision tree classifier. In this paper, the Binary-particle swarm optimization algorithm is used to resolve discrete optimization problems such as feature selection and decision tree classifier as a performance evaluator to evaluate the wrapper model’s accuracy using the selected features from the network traffic flows. The model’s intelligence is indicated by selecting 19 convenient features out of 76 features of the dataset. The experiments were accomplished on a large DDoS dataset. The optimal selected features were evaluated with different machine learning algorithms by performance measurement metrics regarding the accuracy, Recall, Precision, and F1-score to detect DDoS attacks. The proposed model showed a high accuracy rate by decision tree classifier 99.52%, random forest 96.94%, and multi-layer perceptron 90.06%. Also, the paper compares the outcome of the proposed model with previous feature selection models in terms of performance measurement metrics. This outcome will be useful for improving DDoS attack detection systems based on machine learning algorithms. It is also probably applied to other research topics such as DDoS attack detection in the cloud environment and DDoS attack mitigation systems.


2015 ◽  
Vol 2015 ◽  
pp. 1-13 ◽  
Author(s):  
Rabia Latif ◽  
Haider Abbas ◽  
Seemab Latif ◽  
Ashraf Masood

Due to the scattered nature of DDoS attacks and advancement of new technologies such as cloud-assisted WBAN, it becomes challenging to detect malicious activities by relying on conventional security mechanisms. The detection of such attacks demands an adaptive and incremental learning classifier capable of accurate decision making with less computation. Hence, the DDoS attack detection using existing machine learning techniques requires full data set to be stored in the memory and are not appropriate for real-time network traffic. To overcome these shortcomings, Very Fast Decision Tree (VFDT) algorithm has been proposed in the past that can handle high speed streaming data efficiently. Whilst considering the data generated by WBAN sensors, noise is an obvious aspect that severely affects the accuracy and increases false alarms. In this paper, an enhanced VFDT (EVFDT) is proposed to efficiently detect the occurrence of DDoS attack in cloud-assisted WBAN. EVFDT uses an adaptive tie-breaking threshold for node splitting. To resolve the tree size expansion under extreme noise, a lightweight iterative pruning technique is proposed. To analyze the performance of EVFDT, four metrics are evaluated: classification accuracy, tree size, time, and memory. Simulation results show that EVFDT attains significantly high detection accuracy with fewer false alarms.


Author(s):  
Duc Le ◽  
Minh Dao ◽  
Quyen Nguyen

Introduction: Distributed denial-of-service (DDoS) has become a common attack type in cyber security. Apart from the conventional DDoS attacks, software-defined networks also face some other typical DDoS attacks, such as flow-table attack or controller attack. One of the most recent solutions to detect a DDoS attack is using machine learning algorithms to classify the traffic. Purpose: Analysis of applying machine learning algorithms in order to prevent DDoS attacks in software-defined network. Results: A comparison of six algorithms (random forest, decision tree, naive Bayes, support vector machine, multilayer perceptron, k-nearest neighbors) with accuracy and process time as the criteria has shown that a decision tree and naïve Bayes are the most suitable algorithms for DDoS attack detection. As compared to other algorithms, they have higher accuracy, faster processing time and lower resource consumption. The main features that identify malicious traffic compared to normal one are the number of bytes in a flow, time flow, Ethernet source address, and Ethernet destination address. A flow-table attack can be detected easier than a bandwidth attack, as all the six algorithms can predict this type with a high accuracy. Practical relevance: Important features which play a supporting role in correct data classification facilitate the development of a DDoS protection system with a smaller dataset, focusing only on the necessary data. The algorithms more suitable for machine learning can help us to detect DDoS attacks in software-defined networks more accurately.


Author(s):  
Eva García-Martín ◽  
Niklas Lavesson ◽  
Håkan Grahn ◽  
Emiliano Casalicchio ◽  
Veselka Boeva

Abstract: Recently machine learning researchers are designing algorithms that can run in embedded and mobile devices, which introduces additional constraints compared to traditional algorithm design approaches. One of these constraints is energy consumption, which directly translates to battery capacity for these devices. Streaming algorithms, such as the Very Fast Decision Tree (VFDT), are designed to run in such devices due to their high velocity and low memory requirements. However, they have not been designed with an energy efficiency focus. This paper addresses this challenge by presenting the nmin adaptation method, which reduces the energy consumption of the VFDT algorithm with only minor effects on accuracy. nmin adaptation allows the algorithm to grow faster in those branches where there is more confidence to create a split, and delays the split on the less confident branches. This removes unnecessary computations related to checking for splits but maintains similar levels of accuracy. We have conducted extensive experiments on 29 public datasets, showing that the VFDT with nmin adaptation consumes up to 31% less energy than the original VFDT, and up to 96% less energy than the CVFDT (VFDT adapted for concept drift scenarios), trading off up to 1.7 percent of accuracy.

