DeepDetect: Detection of Distributed Denial of Service Attacks Using Deep Learning

2019, Vol 63 (7), pp. 983-994
Author(s): Muhammad Asad, Muhammad Asim, Talha Javed, Mirza O Beg, Hasan Mujtaba, ...

Abstract: At the advent of advanced wireless technology and contemporary computing paradigms, Distributed Denial of Service (DDoS) attacks on Web-based services have not only increased exponentially in number, but also in the degree of sophistication; hence the need for detecting these attacks within the ocean of communication packets is extremely important. DDoS attacks were initially projected toward the network and transport layers. Over the years, attackers have shifted their offensive strategies toward the application layer. The application layer attacks are potentially more detrimental and stealthier because of the attack traffic and the benign traffic flows being indistinguishable. The distributed nature of these attacks is difficult to combat as they may affect tangible computing resources apart from network bandwidth consumption. In addition, smart devices connected to the Internet can be infected and used as botnets to launch DDoS attacks. In this paper, we propose a novel deep neural network-based detection mechanism that uses feed-forward back-propagation for accurately discovering multiple application layer DDoS attacks. The proposed neural network architecture can identify and use the most relevant high level features of packet flows with an accuracy of 98% on the state-of-the-art dataset containing various forms of DDoS attacks.

2021, Vol 10 (1), pp. 458-465
Author(s): Arif Wirawan Muhammad, Cik Feresa Mohd Foozy, Kamaruddin Malik bin Mohammed

A distributed denial of service attack is classified as a structured attack to deplete a server, sourced from various bot computers to form a massive data flow. Distributed denial of service (DDoS) data flows behave as regular data packet flows, so it is challenging to distinguish between the two. Data packet classification to detect DDoS attacks is one solution to prevent DDoS attacks and to maintain server resources. The machine learning method, especially the artificial neural network (ANN), is one of the effective ways to detect the flow of data packets in a computer network. Based on the research that has been carried out, it is concluded that an ANN with a hidden layer architecture that contains twice as many neurons as the input layer (2n) produces a stable detection accuracy value on Quasi-Newton, Scaled-Conjugate and Resilient-Propagation training functions. Based on the studies conducted, it is concluded that ANN Architecture sufficiently affected the Scaled-Conjugate and Resilient-Propagation training functions, otherwise the Quasi-Newton training function. The best detection accuracy achieved from the experiment is 99.60%, 1.000 recall, 0.988 precision, and 0.993 f-measure using the Quasi-Newton training function with 6-(12)-2 neural network architecture.


Author(s): Amit Sharma

Distributed Denial of Service attacks are significant dangers these days to web applications and web administrations. These assaults are pushing ahead towards the application layer to procure and squander the most extreme CPU cycles. By asking for assets from web benefits in gigantic sums utilizing a quick fire of solicitations, assailants' robotized programs use all the handling capacity of a single server application or a circulated environment application. The periods of the plan execution are client conduct checking and identification. In the beginning stage, the data of client conduct is gathered, each individual user’s trust score is computed, and the entropy of the same client is ascertained. HTTP Unbearable Load King (HULK) attacks are also evaluated. In light of the first stage, in the recognition stage, variety in entropy will be watched and malevolent clients will be recognized. A rate limiter is additionally acquainted to stop or downsize serving the noxious clients. This paper introduces the FAÇADE layer for discovering and hindering the unapproved client from assaulting the framework.


Proceedings, 2020, Vol 63 (1), pp. 51
Author(s): Swathi Sambangi, Lakshmeeswari Gondi

The problem of identifying Distributed Denial of Service (DDoS) attacks is fundamentally a classification problem in machine learning. In relevance to Cloud Computing, the task of identification of DDoS attacks is a significantly challenging problem because of the computational complexity that has to be addressed. Fundamentally, a Denial of Service (DoS) attack is an intentional attack attempted by attackers from a single source which has an implicit intention of making an application unavailable to the target stakeholder. For this to be achieved, attackers usually stagger the network bandwidth, halting system resources, thus causing denial of access for legitimate users. Contrary to DoS attacks, in DDoS attacks, the attacker makes use of multiple sources to initiate an attack. DDoS attacks are most common at network, transportation, presentation and application layers of a seven-layer OSI model. In this paper, the research objective is to study the problem of DDoS attack detection in a Cloud environment by considering the most popular CICIDS 2017 benchmark dataset and applying multiple regression analysis for building a machine learning model to predict DDoS and Bot attacks through considering a Friday afternoon traffic logfile.


2018, Vol 8 (2), pp. 2724-2730
Author(s): M. H. H. Khairi, S. H. S. Ariffin, N. M. Abdul Latiff, A. S. Abdullah, M. K. Hassan

Software defined network (SDN) is a network architecture in which the network traffic may be operated and managed dynamically according to user requirements and demands. The issue of security is one of the big challenges of SDN because different attacks may affect performance and these attacks can be classified into different types. One of the famous attacks is distributed denial of service (DDoS). SDN is a new networking approach that is introduced with the goal to simplify the network management by separating the data and control planes. However, the separation leads to the emergence of new types of distributed denial-of-service (DDoS) attacks on SDN networks. The centralized role of the controller in SDN makes it a perfect target for the attackers. Such attacks can easily bring down the entire network by bringing down the controller. This research explains DDoS attacks and the anomaly detection as one of the famous detection techniques for intelligent networks.


2020, Vol 14 (3), pp. 50-71
Author(s): Oussama Hannache, Mohamed Chaouki Batouche

Software defined networking (SDN) is a networking paradigm that allows for the easy programmability of network devices by decoupling the data plane and the control plane. On the other hand, Distributed Denial of Service (DDoS) attacks remain one of the major concerns for organizational network infrastructures and Cloud providers. In this article, the authors propose a Neural Network based Traffic Flow Classifier (TFC-NN) for live DDoS detection in SDN environments. This study provides a live traffic analysis method with a neural network. The training of the TFC-NN model is performed by a labelled dataset constructed from SDN normal traffic and under-DDoS traffic. The study also provides a live mitigation process combined with the live TFC-NN-based DDoS detection. The approach is deployed and evaluated on an SDN architecture based on different performance metrics with different under-DDoS attack scenarios.


Author(s): Ahmed Saeed Alzahrani

The Internet of Things model envisions the widespread interconnection and collaboration of smart devices over the present and future Internet environment. Threats and attacks against IoT devices and services are on the rise due to their rapid development. Distributed-Denial-of-Service (DDoS) attacks are one of the main dangerous malwares that attack targeted organizations through infected devices. Many mechanisms are developed for IoT devices in order to detect DDoS attacks. Nonetheless, the prevailing DDoS Attack Detection (DAD) methods involve time-delay and a lower detection rate. This paper proposed an efficient approach using the Levenberg-Marquardt Neural Network (LMDANN) algorithm for detecting the DDoS attacks in order to enhance prediction accuracy. In the proposed system, a MapReduce technique is used to eliminate the redundant copies. In addition, the Entropy-based Fisher’s Discriminate Function (ENTFDF) method was developed to reduce the features from the extracted features, and the system suggests an LMDANN algorithm to classify DDoS attack data separately from the normal data. In this, 80% of the data is used for training, and 20% of the data is used for testing. The performance of the proposed LMDANN method was evaluated in contrast to other state-of-the-art algorithms (ANN, SVM, KNN, and ANFIS) in terms of some specific qualitative performance metrics (recall, sensitivity, f-measure, specificity, precision, accuracy, and training time). The results show that the proposed detection approach can efficiently detect the DDoS attack in the IoT environment, achieving 96.35% accuracy.


2019, Vol 8 (2), pp. 4136-4142

Security is considered the most important feature in a Mobile Ad-hoc Network (MANET). There are different types of attacks which may affect the data transmission in MANET, but the Distributed Denial of Service (DDoS) attack is one of the complex and harsh worthy in a MANET. In the existing work, it has been found that the researchers have utilized Support Vector Machine (SVM) and fuzzy logic as classification algorithms to identify the DoS attack in MANET. The problem with SVM and fuzzy logic is that they are more complex and more time-consuming mechanisms to detect attackers. Also, in the existing work, the Optimized Link State Routing (OLSR) routing protocol is used to find the route, and it is a searching mechanism which does not include the concept of a trust routing table and hence the searching mechanism consumes more energy. To solve the mentioned problems, we are presenting a machine learning approach, that is, Feed Forward Back Propagation Neural Network (FFBPNN) as a classifier and the Ad hoc On-Demand Distance Vector (AODV) routing protocol for route discovery to shield the network from the Distributed Denial of Service (DDoS) attack. The MANET is trained using FFBPNN. Therefore, when a malicious node appears in the network, the node is identified on the basis of node properties like energy consumption and delay. The route is changed by discarding the malicious nodes from the route and hence the network is protected. The throughput and PDR have been increased by 60.71% and 53.57%, and delay has been reduced by 42.21%.


2022, Vol 3 (2), pp. 51-55
Author(s): Misbachul Munir, Ipung Ardiansyah, Joko Dwi Santoso, Ali Mustopa, Sri Mulyatun

DDoS attacks are a form of attack carried out by sending packets continuously to machines and even computer networks. This attack will result in a machine or network resources that cannot be accessed or used by users. DDoS attacks usually originate from several machines operated by users or by bots, whereas DoS attacks are carried out by one person or one system. In this study, the term to be used is the term DDoS to represent a DoS or DDoS attack. In the network world, Software Defined Network (SDN) is a promising paradigm. SDN separates the control plane from the forwarding plane to improve network programmability and network management. As part of the network, SDN is not spared from DDoS attacks. In this study, we use the naïve Bayes algorithm as a method to detect DDoS attacks on the Software Defined Network architecture.


Author(s): Rochak Swami, Mayank Dave, Virender Ranga, Nikhil Tripathi, Abhijith Kalayil Shaji, ...

Distributed denial of service (DDoS) attacks have been a matter of serious concern for network administrators in the last two decades. These attacks target resources such as memory, CPU cycles, and network bandwidth in order to make them unavailable for the benign users, thereby violating availability, one of the components of cyber security. With the existence of DDoS-as-a-service on the internet, DDoS attacks have now become more lucrative for the adversaries to target a potential victim. In this work, the authors focus on countering DDoS attacks using one of the latest technologies called blockchain. In its inception phase, utilizing blockchain for countering DDoS attacks has proved to be quite promising. The authors also compare existing blockchain-based defense mechanisms to counter DDoS attacks and analyze them. Towards the end of the work, they also discuss possible future research directions in this domain.

