Flow Correlation Degree Optimization Driven Random Forest for Detecting DDoS Attacks in Cloud Computing

2018, Vol 2018, pp. 1-14
Author(s): Jieren Cheng, Mengyang Li, Xiangyan Tang, Victor S. Sheng, Yifu Liu, ...

Distributed denial-of-service (DDoS) has caused major damage to cloud computing, and the false- and missing-alarm rates of existing DDoS attack-detection methods are relatively high in a cloud environment. In this paper, we propose a DDoS attack-detection method with enhanced random forest (RF) optimized by genetic algorithm based on flow correlation degree (FCD) feature. We define the FCD feature according to the asymmetric and semidirectivity interaction characteristics and use the two-tuples FCD feature consisting of packet-statistical degree (PSD) and semidirectivity interaction abnormality (SDIA) to describe the features of attack flow and normal flow. Then we use a genetic algorithm based on the FCD feature sequences to optimize two key parameters of the decision tree in the RF: the maximum number of decision trees and the maximum depth of every single decision tree. We apply the trained RF model with optimized parameters to generate the classifier to be used for DDoS attack-detection. The experiment shows that the proposed method can effectively detect DDoS attacks in a cloud environment with a higher accuracy rate and lower false- and missing-alarm rates compared to existing DDoS attack-detection methods.

2021
Author(s): Merlin James Rukshan Dennis

Distributed Denial of Service (DDoS) attack is a serious threat to today’s Internet. As the traffic across the Internet increases day by day, it is a challenge to distinguish between legitimate and malicious traffic. This thesis proposes two different approaches to build an efficient DDoS attack detection system in the Software Defined Networking environment. SDN is the latest networking approach, which implements a centralized, programmable controller. The central control and the programming capability of the controller are used in this thesis to implement the detection and mitigation mechanisms. In this thesis, two designed approaches, a statistical approach and a machine-learning approach, are proposed for DDoS detection. The statistical approach implements entropy computation and flow statistics analysis. It uses the mean and standard deviation of destination entropy, new flow arrival rate, packets per flow and flow duration to compute various thresholds. These thresholds are then used to distinguish normal and attack traffic. The machine-learning approach uses a Random Forest classifier to detect the DDoS attack. We fine-tune the Random Forest algorithm to make it more accurate in DDoS detection. In particular, we introduce weighted voting instead of the standard majority voting to improve the accuracy. Our result shows that the proposed machine-learning approach outperforms the statistical approach. Furthermore, it also outperforms other machine-learning approaches found in the literature.


Author(s): Konstantinos F. Xylogiannopoulos, Panagiotis Karampelas, Reda Alhajj

The proliferation of low-security Internet of Things devices has widened the range of weapons that malevolent users can utilize in order to attack legitimate services in new ways. In recent years, apart from very large volumetric distributed denial of service attacks, low and slow attacks initiated from intelligent bot networks have been detected to target multiple hosts in a network in a timely fashion. However, even if the attacks seem to be “innocent” at the beginning, they generate huge traffic in the network without practically being detected by the traditional DDoS attack detection methods. In this chapter, an advanced pattern detection method is presented that is able to collect and classify in real time all the incoming traffic and detect a developing slow and low DDoS attack by monitoring the traffic in all the hosts of the network. The experimental analysis on a real dataset provides useful insights about the effectiveness of the method by identifying not only the main source of attack but also secondary sources that produce low traffic while targeting multiple hosts.


Author(s): Amarjeet Kaur, Gagandeep Kaur, Gagandeep Kaur

In this sense, DoS, particularly DDoS, undermines the Internet, as well as debilitates the common security, because of its predominant utilization in digital wrongdoings. Accordingly to see well the attributes of DDoS issues and examine comparing protection instruments have noteworthy commitments for the scholarly world and industry, as well as for the government disability and crisis administration organizations, since they can utilize such learning to upgrade their capacities of hazard appraisals and help the partners to settle on suitable choices when confronting DDoS dangers. In the current research work the diverse sorts of issues, such viewpoint as far as distinguishing DoS assaults is to see the issue as that of a grouping issue on arrange state (and not on singular bundles or different units) by demonstrating ordinary and assault activity and characterizing the momentum condition of the system as great or terrible, in this way identifying assaults when they happen. Another is the Transmission disappointments or due date misses may bring about unsettling influences to the procedure, debasement of the general control execution. In future All these are settled with the assistance of a DDoS assault location and DSR Algorithm with Cryptography on Wireless Sensor organize and the WSN with BS, CH



Cloud is known as a highly available platform that has become most popular among businesses for all information technology needs. Being a widely used platform, it’s also a hot target for cyber-attacks. Distributed Denial of Service (DDoS) is a great threat to a cloud in which cloud bandwidth, resources, and applications are attacked to cause service unavailability. In a DDoS attack, multiple botnets attack a victim using spoofed IPs with a huge number of requests to a server. Since its discovery in 1980, numerous methods have been proposed for detection and prevention of network anomalies. This study provides a background of DDoS attack detection methods in the past decade and a survey of some of the latest proposed strategies to detect DDoS attacks in the cloud; the methods are further compared for their detection accuracy.




With the ongoing progression of Cloud Computing, it gives different services to both hierarchical as well as singular users, for example, shared computing resources, storage, networking and so on, on interest. The most well-known sort of attack on Cloud Computing is the Distributed Denial of Service (DDoS) attack. A DDoS attack is a bother which makes resources inaccessible to the client by trading off an enormous number of systems called bots. This paper proposes systems to create an ideal network traffic feature set for network intrusion detection. The proposed system shows that a reliable set of features is chosen for a given dataset. The outcomes demonstrate that the proposed procedure yields a set of features that, when utilized for network traffic classification, yields low quantities of false alarms.

