scholarly journals Hybrid Intrusion Detection System for DDoS Attacks

2016 ◽  
Vol 2016 ◽  
pp. 1-8 ◽  
Author(s):  
Özge Cepheli ◽  
Saliha Büyükçorak ◽  
Güneş Karabulut Kurt
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Denial Of Service ◽  
Detection Methods ◽  
Detection Accuracy ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Hybrid Detection ◽  
Security Problem

Distributed denial-of-service (DDoS) attacks are one of the major threats and possibly the hardest security problem for today’s Internet. In this paper we propose a hybrid detection system, referred to as hybrid intrusion detection system (H-IDS), for detection of DDoS attacks. Our proposed detection system makes use of both anomaly-based and signature-based detection methods separately but in an integrated fashion and combines the outcomes of both detectors to enhance the overall detection accuracy. We apply two distinct datasets to our proposed system in order to test the detection performance of H-IDS and conclude that the proposed hybrid system gives better results than the systems based on nonhybrid detection.

scholarly journals Distributed Denial-of-Service Prediction on IoT Framework by Learning Techniques

2020 ◽  
Vol 10 (1) ◽  
pp. 220-230
Author(s):  
Shubhra Dwivedi ◽  
Manu Vardhan ◽  
Sarsij Tripathi
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Information Gain ◽  
Learning Algorithm ◽  
Detection System ◽  
False Positive Rate ◽  
Denial Of Service ◽  
Support Vector ◽  
Distributed Denial Of Service ◽  
Ddos Attacks

AbstractDistributed denial-of-service (DDoS) attacks on the Internet of Things (IoT) pose a serious threat to several web-based networks. The intruder’s ability to deal with the power of various cooperating devices to instigate an attack makes its administration even more multifaceted. This complexity can be further increased while lots of intruders attempt to overload an attack against a device. To counter and defend against modern DDoS attacks, several effective and powerful techniques have been used in the literature, such as data mining and artificial intelligence for the intrusion detection system (IDS), but they have some limitations. To overcome the existing limitations, in this study, we propose an intrusion detection mechanism that is an integration of a filter-based selection technique and a machine learning algorithm, called information gain-based intrusion detection system (IGIDS). In addition, IGIDS selects the most relevant features from the original IDS datasets that can help to distinguish typical low-speed DDoS attacks and, then, the selected features are passed on to the classifiers, i.e. support vector machine (SVM), decision tree (C4.5), naïve Bayes (NB) and multilayer perceptron (MLP) to detect attacks. The publicly available datasets as KDD Cup 99, CAIDA DDOS Attack 2007, CONFICKER worm, and UNINA traffic traces, are used for our experimental study. From the results of the simulation, it is clear that IGIDS with C4.5 acquires high detection and accuracy with a low false-positive rate.

scholarly journals Towards Effective Detection of Recent DDoS Attacks: A Deep Learning Approach

2021 ◽  
Vol 2021 ◽  
pp. 1-14
Author(s):  
Ivandro Ortet Lopes ◽  
Deqing Zou ◽  
Francis A Ruambo ◽  
Saeed Akbar ◽  
Bin Yuan
Keyword(s):  
Deep Learning ◽  
Intrusion Detection System ◽  
State Of The Art ◽  
Detection System ◽  
Denial Of Service ◽  
Model Performance ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Validation Metrics ◽  
High Processing

Distributed Denial of Service (DDoS) is a predominant threat to the availability of online services due to their size and frequency. However, developing an effective security mechanism to protect a network from this threat is a big challenge because DDoS uses various attack approaches coupled with several possible combinations. Furthermore, most of the existing deep learning- (DL-) based models pose a high processing overhead or may not perform well to detect the recently reported DDoS attacks as these models use outdated datasets for training and evaluation. To address the issues mentioned earlier, we propose CyDDoS, an integrated intrusion detection system (IDS) framework, which combines an ensemble of feature engineering algorithms with the deep neural network. The ensemble feature selection is based on five machine learning classifiers used to identify and extract the most relevant features used by the predictive model. This approach improves the model performance by processing only a subset of relevant features while reducing the computation requirement. We evaluate the model performance based on CICDDoS2019, a modern and realistic dataset consisting of normal and DDoS attack traffic. The evaluation considers different validation metrics such as accuracy, precision, F1-Score, and recall to argue the effectiveness of the proposed framework against state-of-the-art IDSs.

scholarly journals Anomaly Detection in Distributed Denial of Service Attack using Map Reduce Improvised Counter Based Algorithm in Hadoop

2019 ◽  
Vol 8 (4) ◽  
pp. 4668-4671
Keyword(s):  
Intrusion Detection ◽  
Anomaly Detection ◽  
Network Traffic ◽  
Intrusion Detection System ◽  
Detection System ◽  
Denial Of Service ◽  
Map Reduce ◽  
Distributed Denial Of Service ◽  
Unusual Pattern ◽  
Denial Of Service Attack

A Distributed denial of Service attacks(DDoS) is one of the major threats in the cyber network and it attacks the computers flooded with the Users Data Gram packet. These types of attacks causes major problem in the network in the form of crashing the system with large volume of traffic to attack the victim and make the victim idle in which not responding the requests. To detect this DDOS attack traditional intrusion detection system is not suitable to handle huge volume of data. Hadoop is a frame work which handles huge volume of data and is used to process the data to find any malicious activity in the data. In this research paper anomaly detection technique is implemented in Map Reduce Algorithm which detects the unusual pattern of data in the network traffic. To design a proposed model, Map Reduce platform is used to hold the improvised algorithm which detects the (DDoS) attacks by filtering and sorting the network traffic and detects the unusual pattern from the network. Improvised Map reduce algorithm is implemented with Map Reduce functionalities at the stage of verifying the network IPS. This Proposed algorithm focuses on the UDP flooding attack using Anomaly based Intrusion detection system technique which detects kind of pattern and flow of packets in the node is more than the threshold and also identifies the source code causing UDP Flood Attack.

scholarly journals I2DS: Interpretable Intrusion Detection System Using Autoencoder and Additive Tree

2021 ◽  
Vol 2021 ◽  
pp. 1-9
Author(s):  
Wenfeng Xu ◽  
Yongxian Fan ◽  
Changyong Li
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Predictive Performance ◽  
Detection Performance ◽  
Detection Methods ◽  
Detection Accuracy ◽  
Learning Models ◽  
Model Based ◽  
Additive Tree

Intrusion detection system (IDS), the second security gate behind the firewall, can monitor the network without affecting the network performance and ensure the system security from the internal maximum. Many researches have applied traditional machine learning models, deep learning models, or hybrid models to IDS to improve detection effect. However, according to Predicted accuracy, Descriptive accuracy, and Relevancy (PDR) framework, most of detection models based on model-based interpretability lack good detection performance. To solve the problem, in this paper, we have proposed a novel intrusion detection system model based on model-based interpretability, called Interpretable Intrusion Detection System (I2DS). We firstly combine normal and attack samples reconstructed by AutoEncoder (AE) with training samples to highlight the normal and attack features, so that the classifier has a gorgeous effect. Then, Additive Tree (AddTree) is used as a binary classifier, which can provide excellent predictive performance in the combined dataset while maintaining good model-based interpretability. In the experiment, UNSW-NB15 dataset is used to evaluate our proposed model. For detection performance, I2DS achieves a detection accuracy of 99.95%, which is better than most of state-of-the-art intrusion detection methods. Moreover, I2DS maintains higher simulatability and captures the decision rules easily.

scholarly journals SDN-Based Intrusion Detection System for Early Detection and Mitigation of DDoS Attacks

Information ◽  
2019 ◽  
Vol 10 (3) ◽  
pp. 106 ◽  
Author(s):  
Pedro Manso ◽  
José Moura ◽  
Carlos Serrão
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Network Performance ◽  
Detection System ◽  
Denial Of Service ◽  
Cyber Attacks ◽  
Normal Operation ◽  
Ddos Attacks ◽  
Network Infrastructure ◽  
Sdn Controller

The current paper addresses relevant network security vulnerabilities introduced by network devices within the emerging paradigm of Internet of Things (IoT) as well as the urgent need to mitigate the negative effects of some types of Distributed Denial of Service (DDoS) attacks that try to explore those security weaknesses. We design and implement a Software-Defined Intrusion Detection System (IDS) that reactively impairs the attacks at its origin, ensuring the “normal operation” of the network infrastructure. Our proposal includes an IDS that automatically detects several DDoS attacks, and then as an attack is detected, it notifies a Software Defined Networking (SDN) controller. The current proposal also downloads some convenient traffic forwarding decisions from the SDN controller to network devices. The evaluation results suggest that our proposal timely detects several types of cyber-attacks based on DDoS, mitigates their negative impacts on the network performance, and ensures the correct data delivery of normal traffic. Our work sheds light on the programming relevance over an abstracted view of the network infrastructure to timely detect a Botnet exploitation, mitigate malicious traffic at its source, and protect benign traffic.

scholarly journals Detection of ICMPv6-based DDoS attacks using anomaly based intrusion detection system: A comprehensive review

2021 ◽  
Vol 11 (6) ◽  
pp. 5216
Author(s):  
Adnan Hasan Bdair Alghuraibawi ◽  
Rosni Abdullah ◽  
Selvakumar Manickam ◽  
Zaid Abdi Alkareem Alyasseri
Keyword(s):  
Intrusion Detection ◽  
Anomaly Detection ◽  
Positive Impact ◽  
Detection System ◽  
Denial Of Service ◽  
Internet Protocol ◽  
Economic Damage ◽  
Detection Accuracy ◽  
Ddos Attacks ◽  
Network Systems

Security network systems have been an increasingly important discipline since the implementation of preliminary stages of Internet Protocol version 6 (IPv6) for exploiting by attackers. IPv6 has an improved protocol in terms of security as it brought new functionalities, procedures, i.e., Internet Control Message Protocol version 6 (ICMPv6). The ICMPv6 protocol is considered to be very important and represents the backbone of the IPv6, which is also responsible to send and receive messages in IPv6. However, IPv6 Inherited many attacks from the previous internet protocol version 4 (IPv4) such as distributed denial of service (DDoS) attacks. DDoS is a thorny problem on the internet, being one of the most prominent attacks affecting a network result in tremendous economic damage to individuals as well as organizations. In this paper, an exhaustive evaluation and analysis are conducted anomaly detection DDoS attacks against ICMPv6 messages, in addition, explained anomaly detection types to ICMPv6 DDoS flooding attacks in IPv6 networks. Proposed using feature selection technique based on bio-inspired algorithms for selecting an optimal solution which selects subset to have a positive impact of the detection accuracy ICMPv6 DDoS attack. The review outlines the features and protection constraints of IPv6 intrusion detection systems focusing mainly on DDoS attacks.

scholarly journals Machine Learning-Based Distributed Denial of Service Attack Detection on Intrusion Detection System Regarding to Feature Selection

2020 ◽  
Vol 4 (1) ◽  
Author(s):  
Ahmad Azhari ◽  
Arif Wirawan Muhammad ◽  
Cik Feresa Mohd Foozy
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Policy Development ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Machine Learning Techniques ◽  
Ddos Attacks ◽  
Detection Techniques

Distributed Service Denial (DDoS) is a type of network attack, which each year increases in volume and intensity.  DDoS attacks also form part of the major types of cyber security threats so far. Early detection plays a key role in avoiding the catastrophic effects on server infrastructure from DDoS attacks. Detection techniques in the traditional Intrusion Detection System (IDS) are far from perfect compared to a number of modern techniques and tools used by attackers, because the traditional IDS only uses signature-based detection or anomaly-based detection models and causes a lot of false positive flags, since the flow of computer network data packets has complex properties in terms of both size and source. Based on the  deficiency in the ordinary IDS, this study aims to detect DDoS attacks by using machine learning techniques to enhance IDS policy development.  According to the experiment the selection of features plays an important role in the precision of the detection results and in the performance of machine learning in classification problems. The combination of seven key selected dataset features used as an input neural network classifier in this study provides the highest accuracy value at 97.76%.

scholarly journals Design of a Network Intrusion Detection System Using Complex Deep Neuronal Networks

2021 ◽  
Vol 13 (3) ◽  
Author(s):  
Mohammed Abdulhammed Al-Shabi
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Neuronal Networks ◽  
Detection System ◽  
Machine Learning Algorithms ◽  
Detection Methods ◽  
Network Intrusion Detection ◽  
Detection Accuracy ◽  
Network Intrusion ◽  
Network Intrusion Detection System

Recent years have witnessed a tremendous development in various scientific and industrial fields. As a result, different types of networks are widely introduced which are vulnerable to intrusion. In view of the same, numerous studies have been devoted to detecting all types of intrusion and protect the networks from these penetrations. In this paper, a novel network intrusion detection system has been designed to detect cyber-attacks using complex deep neuronal networks. The developed system is trained and tested on the standard dataset KDDCUP99 via pycharm program. Relevant to existing intrusion detection methods with similar deep neuronal networks and traditional machine learning algorithms, the proposed detection system achieves better results in terms of detection accuracy.

scholarly journals A Survey of DDOS Attacks Using Machine Learning Techniques

2020 ◽  
Vol 184 ◽  
pp. 01052
Author(s):  
M Arshi ◽  
MD Nasreen ◽  
Karanam Madhavi
Keyword(s):  
Intrusion Detection System ◽  
Detection System ◽  
Denial Of Service ◽  
Machine Learning Techniques ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Safe Operation ◽  
Current Form ◽  
Learning Techniques ◽  
Essential Services

The DDoS attacks are the most destructive attacks that interrupt the safe operation of essential services delivered by the internet community’s different organizations. DDOS stands for Distributed Denial Of Service attacks. These attacks are becoming more complex and expected to expand in number day after day, rendering detecting and combating these threats challenging. Hence, an advanced intrusion detection system (IDS) is required to identify and recognize an- anomalous internet traffic behaviour. Within this article the process is supported on the latest dataset containing the current form of DDoS attacks including (HTTP flood, SIDDoS). This study combines well-known grouping methods such as Naïve Bayes, Multilayer Perceptron (MLP), and SVM, Decision trees.

Sign in / Sign up

Export Citation Format

Share Document