An Enhanced Way of Distributed Denial of Service Attack Detection by Applying Machine Learning Algorithms in Cloud Computing

2020, Vol 17 (8), pp. 3765-3769
Author(s): N. P. Ponnuviji, M. Vigilson Prem

Cloud Computing has revolutionized Information Technology by allowing users to use a variety of resources in different applications in a less expensive manner. The resources are allocated for access by providing scalable, flexible on-demand access in a virtual manner, with reduced maintenance and less infrastructure cost. The majority of resources are handled and managed by the organizations over the internet by using different standards and formats of the networking protocols. Various research and statistics have proved that the available and existing technologies are prone to threats and vulnerabilities in the protocols' legacy, in the form of bugs that pave the way for intrusion in different ways by the attackers. The most common among the attacks is the Distributed Denial of Service (DDoS) attack. This attack targets the cloud’s performance and causes serious damage to the entire cloud computing environment. In the DDoS attack scenario, the compromised computers are targeted. The attacks are done by transmitting a large number of packets injected with known and unknown bugs to a server. A huge portion of the network bandwidth of the users’ cloud infrastructure is affected by consuming enormous time of their servers. In this paper, we have proposed a DDoS attack detection scheme based on the Random Forest algorithm to mitigate the DDoS threat. This algorithm is used along with the signature detection techniques and generates a decision tree. This helps in the detection of signature attacks for the DDoS flooding attacks. We have also used other machine learning algorithms and analyzed them based on the yielded results.

2018, Vol 7 (2.8), pp. 472
Author(s): Shruti Banerjee, Partha Sarathi Chakraborty

SDN (Software Defined Network) is rapidly gaining importance as a ‘programmable network’ infrastructure. The SDN architecture separates the Data plane (forwarding devices) and Control plane (controller of the SDN). This makes it easy to deploy new versions to the infrastructure and provides straightforward network virtualization. The Distributed Denial-of-Service attack is a major cyber security threat to the SDN. It is equally vulnerable to both data plane and control plane. In this paper, machine learning algorithms such as Naïve Bayesian, KNN, K-Means, K-Medoids and Linear Regression are used to classify the incoming traffic as usual or unusual. The above-mentioned algorithms are measured using two metrics: accuracy and detection rate. The best-fit algorithm is applied to implement the signature IDS, which forms module 1 of the proposed IDS. The second module uses open connections to state the exact node which is an attacker and to block that particular IP address by placing it in the Access Control List (ACL), thus increasing the processing speed of the SDN as a whole.


Proceedings, 2020, Vol 63 (1), pp. 51
Author(s): Swathi Sambangi, Lakshmeeswari Gondi

The problem of identifying Distributed Denial of Service (DDoS) attacks is fundamentally a classification problem in machine learning. In relevance to Cloud Computing, the task of identification of DDoS attacks is a significantly challenging problem because of the computational complexity that has to be addressed. Fundamentally, a Denial of Service (DoS) attack is an intentional attack attempted by attackers from a single source which has an implicit intention of making an application unavailable to the target stakeholder. For this to be achieved, attackers usually stagger the network bandwidth, halting system resources, thus causing denial of access for legitimate users. Contrary to DoS attacks, in DDoS attacks, the attacker makes use of multiple sources to initiate an attack. DDoS attacks are most common at the network, transportation, presentation and application layers of the seven-layer OSI model. In this paper, the research objective is to study the problem of DDoS attack detection in a Cloud environment by considering the most popular CICIDS 2017 benchmark dataset and applying multiple regression analysis for building a machine learning model to predict DDoS and Bot attacks through considering a Friday afternoon traffic logfile.


2021, Vol 16, pp. 584-591
Author(s): S. Sumathi, R. Rajesh

A most common attack on the internet network is a Distributed Denial of Service (DDoS) attack, which involves occupying computational resources and bandwidth to suppress services to potential clients. The attack scenario is to massively flood the packets. The attack is called a denial of service (DoS) if the attack originates from a single server, and a distributed denial of service (DDoS) if the attack originates from multiple servers. Control and mitigation of DDoS attacks have been a research goal for many scholars for over a decade, and they have succeeded in delivering a few major DDoS detection and protection techniques. In the current state of internet use, how quickly and early a DDoS attack can be detected in broadcasting network transactions remains a key research goal. After the development of a machine learning algorithm, many potential methods of DDoS attack detection have been developed. The work presents the results of various experiments carried out using data mining and machine learning algorithms as well as a combination of these algorithms on the commonly available dataset named CAIDA for TCP SYN flood attack detection. Also, this work analyzes the various performance metrics such as false positive rate, precision, recall, F-measure and receiver operating characteristic (ROC) using various machine learning algorithms. One-R (OR) with an ideal FPR value of 0.05 and recall value of 0.95, decision stump (DS) with an ideal precision value of 0.93, and PART with an excellent F-measure value of 0.91 are some of the performance metric values while performing TCP SYN flood attack detection.


Author(s): Harrsheeta Sasikumar

The Distributed Denial of Service (DDoS) attack is one of the common attacks that is predominant in the cyber world. The DDoS attack poses a serious threat to internet users and affects the availability of services to legitimate users. A DDoS attack is characterized by the blocking of a particular service by paralyzing the victim’s resources so that they cannot be used for legitimate purposes, leading to server breakdown. DDoS turns networked devices into remotely controlled bots and generates the attack. The proposed system detects the DDoS attack and malware with high detection accuracy using machine learning algorithms. The real-time traffic is generated using virtual instances running in a private cloud. The DDoS attack is detected by considering the various SNMP parameters and classifying using machine learning techniques like bagging, boosting and ensemble models. Also, the various types of malware on the networked devices are prevented from being used as a bot for DDoS attack generation.


Sensors, 2020, Vol 20 (20), pp. 5845
Author(s): João Paulo Abreu Maranhão, João Paulo Carvalho Lustosa da Costa, Edison Pignaton de Freitas, Elnaz Javidi, Rafael Timóteo de Sousa Júnior

In recent years, advanced threats against Cyber–Physical Systems (CPSs), such as Distributed Denial of Service (DDoS) attacks, are increasing. Furthermore, traditional machine learning-based intrusion detection systems (IDSs) often fail to efficiently detect such attacks when corrupted datasets are used for IDS training. To face these challenges, this paper proposes a novel error-robust multidimensional technique for DDoS attack detection. By applying the well-known Higher Order Singular Value Decomposition (HOSVD), initially, the average value of the common features among instances is filtered out from the dataset. Next, the filtered data are forwarded to machine learning classification algorithms in which traffic information is classified as a legitimate or a DDoS attack. In terms of results, the proposed scheme outperforms traditional low-rank approximation techniques, presenting an accuracy of 98.94%, detection rate of 97.70% and false alarm rate of 4.35% for a dataset corruption level of 30% with a random forest algorithm applied for classification. In addition, for error-free conditions, it is found that the proposed approach outperforms other related works, showing accuracy, detection rate and false alarm rate of 99.87%, 99.86% and 0.16%, respectively, for the gradient boosting classifier.


2021, Vol 15 (3), pp. 1-18
Author(s): Hongsong Chen, Caixia Meng, Jingjiu Chen

Aiming at the problem of DDoS attack detection in the internet of things (IoT) environment, statistical and machine-learning algorithms are proposed to model and analyze the network traffic of DDoS attacks. A Docker-based virtualization platform is designed and configured to collect IoT network traffic data. Then the packet-level, flow-level, and second-level network traffic datasets are generated, and the importance of features in the different traffic datasets is sorted. Using the SKlearn and TensorFlow machine-learning software frameworks, different machine learning algorithms are researched and compared. In packet-level DDoS attack detection, the KNN algorithm achieves the best results; the accuracy is 92.8%. In flow-level DDoS attack detection, the voting algorithm achieves the best results; the accuracy is 99.8%. In second-level DDoS attack detection, the RNN algorithm achieves the best results; the accuracy is 97.1%. The DDoS attack detection method combined with statistical analysis and machine learning can effectively detect large-scale DDoS attacks in the internet of things simulation experimental environment.


2019, Vol 20 (2), pp. 285-298
Author(s): A. Dhanapal, P. Nithyanandam

Cloud computing became popular due to its nature, as it provides the flexibility to add or remove resources on an on-demand basis. This also reduces the cost of investments for enterprises significantly. The adoption of cloud computing is very high for enterprises running their online applications. The availability of online services is critical for businesses like financial services, e-commerce applications, etc. Though the cloud provides availability, these applications still face the potential threat of going down due to the slow HTTP Distributed Denial of Service (DDoS) attack in the cloud. The slow HTTP attack's intention is to consume all the available server resources and make the server unavailable to the real users. The slow HTTP DDoS attack comes in different formats such as slow HTTP headers attacks, slow HTTP body attacks and slow HTTP read attacks. Detecting slow HTTP DDoS attacks in the cloud is very crucial to safeguard online cloud applications. This is a very interesting and challenging topic in DDoS as it mimics the slow network. This paper proposed a novel method to detect slow HTTP DDoS attacks in the cloud. The solution is implemented using the OpenStack cloud platform. The experiments conducted exhibit accurate results on detecting the attacks at the early stages. The slowHTTPTest open source tool is used in this experiment to originate slow HTTP DDoS attacks.

