scholarly journals MAN-EDoS: A Multihead Attention Network for the Detection of Economic Denial of Sustainability Attacks

Electronics ◽  
2021 ◽  
Vol 10 (20) ◽  
pp. 2500
Author(s):  
Vinhquoc Ta ◽  
Minho Park
Keyword(s):  
Cloud Computing ◽  
Processing Time ◽  
Network Flows ◽  
Detection System ◽  
Denial Of Service ◽  
Scale Up ◽  
Cloud Services ◽  
Detection Accuracy ◽  
Detection Scheme ◽  
Over Time

Cloud computing is one of the most modernized technology for the modern world. Along with the developments in the cloud infrastructure comes the risk of attacks that exploit the cloud services to exhaust the usage-based resources. A new type of general denial attack, called “economic denial of sustainability” (EDoS), exploits the pay-per-use service to scale-up resource usage normally and gradually over time, finally bankrupting a service provider. The stealthiness of EDoS has made it challenging to detect by most traditional mechanisms for the detection of denial-of-service attacks. Although some recent research has shown that multivariate time recurrent models, such as recurrent neural networks (RNN) and long short-term memory (LSTM), are effective for EDoS detection, they have some limitations, such as a long processing time and information loss. Therefore, an efficient EDoS detection scheme is proposed, which utilizes an attention technique. The proposed attention technique mimics cognitive attention, which enhances the critical features of the input data and fades out the rest. This reduces the feature selection processing time by calculating the query, key and value scores for the network packets. During the EDoS attack, the values of network features change over time. The proposed scheme inspects the changes of the attention scores between packets and between features, which can help the classification modules distinguish the attack flows from network flows. On another hand, our proposal scheme speeds up the processing time for the detection system in the cloud. This advantage benefits the detection process, but the risk of the EDoS is serious as long as the detection time is delayed. Comprehensive experiments showed that the proposed scheme can enhance the detection accuracy by 98%, and the computational speed is 60% faster compared to previous techniques on the available datasets, such as KDD, CICIDS, and a dataset that emerged from the testbed. Our proposed work is not only beneficial to the detection system in cloud computing, but can also be enlarged to be better with higher quality of training and technologies.

scholarly journals Adaptive Learning and Automatic Filtering of Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environment

2019 ◽  
Vol 9 (1S3) ◽  
pp. 200-205
Keyword(s):  
Cloud Computing ◽  
Adaptive Learning ◽  
Denial Of Service ◽  
Cloud Services ◽  
Detection Accuracy ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Computing Environment ◽  
Cloud Computing Environment ◽  
Automatic Filtering

Distributed Denial of Service (DDoS) attacks has become the most powerful cyber weapon to target the businesses that operate on the cloud computing environment. The sophisticated DDoS attack affects the functionalities of the cloud services and affects its core capabilities of cloud such as availability and reliability. The current intrusion detection system (IDS) must cope with the dynamicity and intensity of immense traffic at the cloud hosted applications and the security attack must be inspected based on the attack flow characteristics. Hence, the proposed Adaptive Learning and Automatic Filtering of Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environment is designed to adapt with varying kind of protocol attacks using misuse detection. The system is equipped with custom and threshold techniques that satisfies security requirements and can identify the different DDoS security attacks. The proposed system provides promising results in detecting the DDoS attacks in cloud environment with high detection accuracy and good alert reduction. Threshold method provides 98% detection accuracy with 99.91%, 99.92% and 99.94% alert reduction for ICMP, UDP and TCP SYN flood attack. The defense system filters the attack sources at the target virtual instance and protects the cloud applications from DDoS attacks.

scholarly journals Detection System of HTTP DDoS Attacks in a Cloud Environment Based on Information Theoretic Entropy and Random Forest

2018 ◽  
Vol 2018 ◽  
pp. 1-13 ◽  
Author(s):  
Mohamed Idhammad ◽  
Karim Afdel ◽  
Mustapha Belouch
Keyword(s):  
Random Forest ◽  
Network Traffic ◽  
Learning Algorithm ◽  
Detection System ◽  
Cloud Services ◽  
Detection Accuracy ◽  
Cloud Environment ◽  
Ddos Attacks ◽  
Information Theoretic ◽  
Computing Services

Cloud Computing services are often delivered through HTTP protocol. This facilitates access to services and reduces costs for both providers and end-users. However, this increases the vulnerabilities of the Cloud services face to HTTP DDoS attacks. HTTP request methods are often used to address web servers’ vulnerabilities and create multiple scenarios of HTTP DDoS attack such as Low and Slow or Flooding attacks. Existing HTTP DDoS detection systems are challenged by the big amounts of network traffic generated by these attacks, low detection accuracy, and high false positive rates. In this paper we present a detection system of HTTP DDoS attacks in a Cloud environment based on Information Theoretic Entropy and Random Forest ensemble learning algorithm. A time-based sliding window algorithm is used to estimate the entropy of the network header features of the incoming network traffic. When the estimated entropy exceeds its normal range the preprocessing and the classification tasks are triggered. To assess the proposed approach various experiments were performed on the CIDDS-001 public dataset. The proposed approach achieves satisfactory results with an accuracy of 99.54%, a FPR of 0.4%, and a running time of 18.5s.

Multi-Aspect DDOS Detection System for Securing Cloud Network

2019 ◽  
pp. 1952-1983
Author(s):  
Pourya Shamsolmoali ◽  
Masoumeh Zareapoor ◽  
M.Afshar Alam
Keyword(s):  
Cloud Computing ◽  
Detection System ◽  
Denial Of Service ◽  
Complex Form ◽  
Internet Security ◽  
Detection Methods ◽  
Ddos Attacks ◽  
Dos Attacks ◽  
Ddos Detection ◽  
Cloud Network

Distributed Denial of Service (DDoS) attacks have become a serious attack for internet security and Cloud Computing environment. This kind of attacks is the most complex form of DoS (Denial of Service) attacks. This type of attack can simply duplicate its source address, such as spoofing attack, which defending methods do not able to disguises the real location of the attack. Therefore, DDoS attack is the most significant challenge for network. In this chapter we present different aspect of security in Cloud Computing, mostly we concentrated on DDOS Attacks. The Authors illustrated all types of Dos Attacks and discussed the most effective detection methods.

scholarly journals ARIES: A Novel Multivariate Intrusion Detection System for Smart Grid

Sensors ◽  
2020 ◽  
Vol 20 (18) ◽  
pp. 5305
Author(s):  
Panagiotis Radoglou Grammatikis ◽  
Panagiotis Sarigiannidis ◽  
Georgios Efstathopoulos ◽  
Emmanouil Panaousis
Keyword(s):  
Intrusion Detection ◽  
Smart Grid ◽  
Intrusion Detection System ◽  
Network Flow ◽  
Network Flows ◽  
Detection System ◽  
Random Noise ◽  
Denial Of Service ◽  
The Third ◽  
Operational Data

The advent of the Smart Grid (SG) raises severe cybersecurity risks that can lead to devastating consequences. In this paper, we present a novel anomaly-based Intrusion Detection System (IDS), called ARIES (smArt gRid Intrusion dEtection System), which is capable of protecting efficiently SG communications. ARIES combines three detection layers that are devoted to recognising possible cyberattacks and anomalies against (a) network flows, (b) Modbus/Transmission Control Protocol (TCP) packets and (c) operational data. Each detection layer relies on a Machine Learning (ML) model trained using data originating from a power plant. In particular, the first layer (network flow-based detection) performs a supervised multiclass classification, recognising Denial of Service (DoS), brute force attacks, port scanning attacks and bots. The second layer (packet-based detection) detects possible anomalies related to the Modbus packets, while the third layer (operational data based detection) monitors and identifies anomalies upon operational data (i.e., time series electricity measurements). By emphasising on the third layer, the ARIES Generative Adversarial Network (ARIES GAN) with novel error minimisation functions was developed, considering mainly the reconstruction difference. Moreover, a novel reformed conditional input was suggested, consisting of random noise and the signal features at any given time instance. Based on the evaluation analysis, the proposed GAN network overcomes the efficacy of conventional ML methods in terms of Accuracy and the F1 score.

scholarly journals A multilayer perceptron artificial neural network approach for improving the accuracy of intrusion detection systems

2020 ◽  
Vol 9 (4) ◽  
pp. 609
Author(s):  
Abdulrahman Jassam Mohammed ◽  
Muhanad Hameed Arif ◽  
Ali Adil Ali
Keyword(s):  
Neural Network ◽  
Artificial Neural Network ◽  
Intrusion Detection ◽  
Multilayer Perceptron ◽  
Detection System ◽  
Denial Of Service ◽  
Detection Accuracy ◽  
Neural Network Approach ◽  
Artificial Neural ◽  
Artificial Neural Network Ann

<p>Massive information has been transmitted through complicated network connections around the world. Thus, providing a protected information system has fully consideration of many private and governmental institutes to prevent the attackers. The attackers block the users to access a particular network service by sending a large amount of fake traffics. Therefore, this article demonstrates two-classification models for accurate intrusion detection system (IDS). The first model develops the artificial neural network (ANN) of multilayer perceptron (MLP) with one hidden layer (MLP1) based on distributed denial of service (DDoS). The MLP1 has 38 input nodes, 11 hidden nodes, and 5 output nodes. The training of the MLP1 model is implemented with NSL-KDD dataset that has 38 features and five types of requests. The MLP1 achieves detection accuracy of 95.6%. The second model MLP2 has two hidden layers. The improved MLP2 model with the same setup achieves an accuracy of 2.2% higher than the MLP1 model. The study shows that the MLP2 model provides high classification accuracy of different request types.</p>

scholarly journals Two-Phase Deep Learning-Based EDoS Detection System

2021 ◽  
Vol 11 (21) ◽  
pp. 10249
Author(s):  
Chien-Nguyen Nhu ◽  
Minho Park
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Network Traffic ◽  
Input Data ◽  
Short Term Memory ◽  
Detection System ◽  
Scale Up ◽  
Sequence Length ◽  
Two Phase ◽  
Detection Scheme

Cloud computing is currently considered the most cost-effective platform for offering business and consumer IT services over the Internet. However, it is prone to new vulnerabilities. A new type of attack called an economic denial of sustainability (EDoS) attack exploits the pay-per-use model to scale up the resource usage over time to the extent that the cloud user has to pay for the unexpected usage charge. To prevent EDoS attacks, a few solutions have been proposed, including hard-threshold and machine learning-based solutions. Among them, long short-term memory (LSTM)-based solutions achieve much higher accuracy and false-alarm rates than hard-threshold and other machine learning-based solutions. However, LSTM requires a long sequence length of the input data, leading to a degraded performance owing to increases in the calculations, the detection time, and consuming a large number of computing resources of the defense system. We, therefore, propose a two-phase deep learning-based EDoS detection scheme that uses an LSTM model to detect each abnormal flow in network traffic; however, the LSTM model requires only a short sequence length of five of the input data. Thus, the proposed scheme can take advantage of the efficiency of the LSTM algorithm in detecting each abnormal flow in network traffic, while reducing the required sequence length of the input data. A comprehensive performance evaluation shows that our proposed scheme outperforms the existing solutions in terms of accuracy and resource consumption.

scholarly journals A Sensor Fused Rear Cross Traffic Detection System Using Transfer Learning

Sensors ◽  
2021 ◽  
Vol 21 (18) ◽  
pp. 6055
Author(s):  
Jungme Park ◽  
Wenchang Yu
Keyword(s):  
Processing Time ◽  
Detection System ◽  
Detection Accuracy ◽  
Driver Assistance Systems ◽  
The Road ◽  
Cross Traffic ◽  
Fast Processing ◽  
On The Road ◽  
Wide Angle Camera ◽  
Traffic Detection

Recent emerging automotive sensors and innovative technologies in Advanced Driver Assistance Systems (ADAS) increase the safety of driving a vehicle on the road. ADAS enhance road safety by providing early warning signals for drivers and controlling a vehicle accordingly to mitigate a collision. A Rear Cross Traffic (RCT) detection system is an important application of ADAS. Rear-end crashes are a frequently occurring type of collision, and approximately 29.7% of all crashes are rear-ended collisions. The RCT detection system detects obstacles at the rear while the car is backing up. In this paper, a robust sensor fused RCT detection system is proposed. By combining the information from two radars and a wide-angle camera, the locations of the target objects are identified using the proposed sensor fused algorithm. Then, the transferred Convolution Neural Network (CNN) model is used to classify the object type. The experiments show that the proposed sensor fused RCT detection system reduced the processing time 15.34 times faster than the camera-only system. The proposed system has achieved 96.42% accuracy. The experimental results demonstrate that the proposed sensor fused system has robust object detection accuracy and fast processing time, which is vital for deploying the ADAS system.

scholarly journals Shield Advanced Mitigation System of Distributed Denial of Service Attack in Integration of Internet of Things and Cloud Computing Environment

2019 ◽  
Vol 9 (2) ◽  
pp. 1300-1306
Keyword(s):  
Cloud Computing ◽  
Internet Of Things ◽  
Denial Of Service ◽  
Cloud Services ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Denial Of Service Attack ◽  
Ddos Attack ◽  
Service Attack ◽  
Verification Process

Cloud services among public and business companies have become popular in recent years. For production activities, many companies rely on cloud technology. Distributed Denial of Services (DDoS) attack is an extremely damaging general and critical type of cloud attacks. Several efforts have been made in recent years to identify numerous types of DDoS attacks. This paper discusses the different types of DDoS attacks and their cloud computing consequences. Distributed Denial of Service attack (DDoS) is a malicious attempt to disrupt the normal movement of a targeted server, service or network through influx of internet traffic overwhelming the target or its infrastructure. The use of multiple affected computer systems as a source of attacks makes DDoS attacks effective. Computers and other networked tools, including IoT phones, may be included on exploited machines. A DDoS attack from a high level resembles a traffic jam that is caused by roads that prevents normal travel at their desired destination. So DDoS Attack is a major challenging problem in integrated Cloud and IoT. Hence, this paper proposes Shield Advanced Mitigation System of Distributed Denial of Service Attack in the integration of Internet of Things and Cloud Computing Environment. This secure architecture use two verification process to identify whether user is legitimate or malicious. Dynamic Captcha Testing with Equal Probability test for first verification process, moreover Zigsaw Image Puzzle Test is used for second verification process, and Intrusion Detection Prevention System is used to identify and prevent malicious user, moreover reverse proxy is used to hide server location. These functional components and flow could strengthen security in Client side network to provide cloud services furthermore to overcome distributed denial of service attack in the integration of Internet of Things and Cloud Environment.

Denial of Service (DoS) Attacks Over Cloud Environment

2021 ◽  
pp. 491-521
Author(s):  
Thangavel M. ◽  
Nithya S ◽  
Sindhuja R
Keyword(s):  
Cloud Computing ◽  
Capacity Planning ◽  
Denial Of Service ◽  
Cloud Services ◽  
The Other ◽  
Complete Analysis ◽  
Cloud Environment ◽  
Dos Attack ◽  
Dos Attacks ◽  
The Impact

Cloud computing is the fastest growing technology in today's world. Cloud services provide pay as go models on capacity or usage. For providing better cloud services, capacity planning is very important. Proper capacity planning will maximize efficiency and on the other side proper control over the resources will help to overcome from attacks. As the technology develops in one side, threats and vulnerabilities to security also increases on the other side. A complete analysis of Denial of Service (DOS) attacks in cloud computing and how are they done in the cloud environment and the impact of reduced capacity in cloud causes greater significance. Among all the cloud computing attacks, DOS is a major threat to the cloud environment. In this book chapter, we are going to discuss DOS attack in the cloud and its types, what are the tools used to perform DOS attack and how they are detected and prevented. Finally it deals with the measures to protect the cloud services from DOS attack and also penetration testing for DOS attack.

scholarly journals Detection of ICMPv6-based DDoS attacks using anomaly based intrusion detection system: A comprehensive review

2021 ◽  
Vol 11 (6) ◽  
pp. 5216
Author(s):  
Adnan Hasan Bdair Alghuraibawi ◽  
Rosni Abdullah ◽  
Selvakumar Manickam ◽  
Zaid Abdi Alkareem Alyasseri
Keyword(s):  
Intrusion Detection ◽  
Anomaly Detection ◽  
Positive Impact ◽  
Detection System ◽  
Denial Of Service ◽  
Internet Protocol ◽  
Economic Damage ◽  
Detection Accuracy ◽  
Ddos Attacks ◽  
Network Systems

Security network systems have been an increasingly important discipline since the implementation of preliminary stages of Internet Protocol version 6 (IPv6) for exploiting by attackers. IPv6 has an improved protocol in terms of security as it brought new functionalities, procedures, i.e., Internet Control Message Protocol version 6 (ICMPv6). The ICMPv6 protocol is considered to be very important and represents the backbone of the IPv6, which is also responsible to send and receive messages in IPv6. However, IPv6 Inherited many attacks from the previous internet protocol version 4 (IPv4) such as distributed denial of service (DDoS) attacks. DDoS is a thorny problem on the internet, being one of the most prominent attacks affecting a network result in tremendous economic damage to individuals as well as organizations. In this paper, an exhaustive evaluation and analysis are conducted anomaly detection DDoS attacks against ICMPv6 messages, in addition, explained anomaly detection types to ICMPv6 DDoS flooding attacks in IPv6 networks. Proposed using feature selection technique based on bio-inspired algorithms for selecting an optimal solution which selects subset to have a positive impact of the detection accuracy ICMPv6 DDoS attack. The review outlines the features and protection constraints of IPv6 intrusion detection systems focusing mainly on DDoS attacks.

Sign in / Sign up

Export Citation Format

Share Document