scholarly journals Review of Detection DDOS Attack Detection Using Naive Bayes Classifier for Network Forensics

2017 ◽  
Vol 6 (2) ◽  
pp. 140-148 ◽  
Author(s):  
Abdul Fadlil ◽  
Imam Riadi ◽  
Sukma Aji
Keyword(s):  
Network Traffic ◽  
Naive Bayes ◽  
Detection System ◽  
Denial Of Service ◽  
Naïve Bayes ◽  
Attack Detection ◽  
Ddos Attacks ◽  
Great Loss ◽  
New Approach ◽  
Internet Users

Distributed Denial of Service (DDoS) is a type of attack using the volume, intensity, and more costs mitigation to increase in this era. Attackers used many zombie computers to exhaust the resources available to a network, application or service so that authorize users cannot gain access or the network service is down, and it is a great loss for Internet users in computer networks affected by DDoS attacks. In the Network Forensic, a crime that occurs in the system network services can be sued in the court and the attackers will be punished in accordance with law. This research has the goal to develop a new approach to detect DDoS attacks based on network traffic activity were statistically analyzed using Naive Bayes method. Data were taken from the training and testing of network traffic in a core router in Master of Information Technology Research Laboratory University of Ahmad Dahlan Yogyakarta. The new approach in detecting DDoS attacks is expected to be a relation with Intrusion Detection System (IDS) to predict the existence of DDoS attacks.

scholarly journals Detecting High and Low Intensity Distributed Denial of Service (DDoS) Attacks

2021 ◽  
Author(s):  
◽  
Abigail Koay
Keyword(s):  
Information Sharing ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Traffic Classification ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Low Intensity ◽  
Ddos Attack ◽  
Ddos Attack Detection

<p>High and low-intensity attacks are two common Distributed Denial of Service (DDoS) attacks that disrupt Internet users and their daily operations. Detecting these attacks is important to ensure that communication, business operations, and education facilities can run smoothly. Many DDoS attack detection systems have been proposed in the past but still lack performance, scalability, and information sharing ability to detect both high and low-intensity DDoS attacks accurately and early. To combat these issues, this thesis studies the use of Software-Defined Networking technology, entropy-based features, and machine learning classifiers to develop three useful components, namely a good system architecture, a useful set of features, and an accurate and generalised traffic classification scheme. The findings from the experimental analysis and evaluation results of the three components provide important insights for researchers to improve the overall performance, scalability, and information sharing ability for building an accurate and early DDoS attack detection system.</p>

scholarly journals DDoS detection and prevention based on artificial intelligence techniques

2019 ◽  
Vol XXII (1) ◽  
pp. 134-143
Author(s):  
Glăvan D.
Keyword(s):  
Artificial Intelligence ◽  
Denial Of Service ◽  
Attack Detection ◽  
Machine Learning Algorithms ◽  
Ddos Attacks ◽  
Great Loss ◽  
Artificial Intelligence Techniques ◽  
Ddos Attack ◽  
Random Forest Tree ◽  
Ddos Attack Detection

Distributed Denial of Service (DDoS) attacks have been the major threats for the Internet and can bring great loss to companies and governments. With the development of emerging technologies, such as cloud computing, Internet of Things (IoT), artificial intelligence techniques, attackers can launch a huge volume of DDoS attacks with a lower cost, and it is much harder to detect and prevent DDoS attacks, because DDoS traffic is similar to normal traffic. Some artificial intelligence techniques like machine learning algorithms have been used to classify DDoS attack traffic and detect DDoS attacks, such as Naive Bayes and Random forest tree. In the paper, we survey on the latest progress on the DDoS attack detection using artificial intelligence techniques and give recommendations on artificial intelligence techniques to be used in DDoS attack detection and prevention.

scholarly journals Smart Detection: An Online Approach for DoS/DDoS Attack Detection Using Machine Learning

2019 ◽  
Vol 2019 ◽  
pp. 1-15 ◽  
Author(s):  
Francisco Sales de Lima Filho ◽  
Frederico A. F. Silveira ◽  
Agostinho de Medeiros Brito Junior ◽  
Genoveva Vargas-Solar ◽  
Luiz F. Silveira
Keyword(s):  
Machine Learning ◽  
Network Traffic ◽  
Service Providers ◽  
Detection System ◽  
Denial Of Service ◽  
Sampling Rate ◽  
Attack Detection ◽  
Dos Attacks ◽  
Internet Service ◽  
Benchmark Datasets

Users and Internet service providers (ISPs) are constantly affected by denial-of-service (DoS) attacks. This cyber threat continues to grow even with the development of new protection technologies. Developing mechanisms to detect this threat is a current challenge in network security. This article presents a machine learning- (ML-) based DoS detection system. The proposed approach makes inferences based on signatures previously extracted from samples of network traffic. The experiments were performed using four modern benchmark datasets. The results show an online detection rate (DR) of attacks above 96%, with high precision (PREC) and low false alarm rate (FAR) using a sampling rate (SR) of 20% of network traffic.

scholarly journals On the use of information theory metrics for detecting DDoS attacks and flash events: an empirical analysis, comparison, and future directions

2021 ◽  
Vol 48 (4) ◽  
Author(s):  
Jagdeep Singh ◽  
◽  
Navjot Jyoti ◽  
Sunny Behal ◽  
◽  
...  
Keyword(s):  
Information Theory ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
High Rate ◽  
Ddos Attacks ◽  
Operating Characteristics ◽  
Classification Rate ◽  
Ddos Attack ◽  
Ddos Attack Detection

A Distributed Denial of Service (DDoS) attack is one of the lethal threats that can cripple down the computing and communication resources of a web server hosting Internet-based services and applications. It has motivated the researchers over the years to find diversified and robust solutions to combat against DDoS attacks and characterization of flash events (a sudden surge in the legitimate traffic) from HR-DDoS (High-Rate DDoS) attacks. In recent times, the volume of legitimate traffic has also magnified manifolds. It results in behavioral similarities of attack traffic and legitimate traffic that make it very difficult and crucial to differentiate between the two. Predominantly, Netflow-based techniques are in use for detecting and differentiating legitimate and attack traffic flows. Over the last decade, fellow researchers have extensively used distinct information theory metrics for Netflow-based DDoS defense solutions. However, a comprehensive analysis and comparison of these diversified information theory metrics used for particularly DDoS attack detection are needed for a better understanding of the defense systems based on information theory. This paper elucidates the efficacy and effectiveness of information theory-based various entropy and divergence measures in the field of DDoS attack detection. As part of the work, a generalized NetFlow-based methodology has been proposed. The proposed detection methodology has been validated using the traffic traces of various real benchmarked datasets on a set of detection system evaluation metrics such as Detection rate (Recall), Precision, F-Measure, FPR, Classification rate, and Receiver-Operating Characteristics (ROC) curves. It has concluded that generalized divergence-based information theory metrics produce more accuracy in detecting different types of attack flows in contrast to entropy-based information theory metrics.

scholarly journals Detection of DDoS Attacks in Software Defined Networking Using Entropy

2021 ◽  
Vol 12 (1) ◽  
pp. 370
Author(s):  
Cong Fan ◽  
Nitheesh Murugan Kaliyamurthy ◽  
Shi Chen ◽  
He Jiang ◽  
Yiwen Zhou ◽  
...  
Keyword(s):  
Detection Method ◽  
Denial Of Service ◽  
Software Defined Networking ◽  
Attack Detection ◽  
Detection Methods ◽  
Network Architectures ◽  
Security Threats ◽  
Ddos Attacks ◽  
Internet Users ◽  
Detection Effect

Software Defined Networking (SDN) is one of the most commonly used network architectures in recent years. With the substantial increase in the number of Internet users, network security threats appear more frequently, which brings more concerns to SDN. Distributed denial of Service (DDoS) attacks are one of the most dangerous and frequent attacks in software defined networks. The traditional attack detection method using entropy has some defects such as slow attack detection and poor detection effect. In order to solve this problem, this paper proposed a method of fusion entropy, which detects attacks by measuring the randomness of network events. This method has the advantages of fast attack detection speed and obvious decrease in entropy value. The complementarity of information entropy and log energy entropy is effectively utilized. The experimental results show that the entropy value of the attack scenarios 91.25% lower than normal scenarios, which has greater advantages and significance compared with other attack detection methods.

scholarly journals Machine Learning-Based Distributed Denial of Service Attack Detection on Intrusion Detection System Regarding to Feature Selection

2020 ◽  
Vol 4 (1) ◽  
Author(s):  
Ahmad Azhari ◽  
Arif Wirawan Muhammad ◽  
Cik Feresa Mohd Foozy
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Policy Development ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Machine Learning Techniques ◽  
Ddos Attacks ◽  
Detection Techniques

Distributed Service Denial (DDoS) is a type of network attack, which each year increases in volume and intensity.  DDoS attacks also form part of the major types of cyber security threats so far. Early detection plays a key role in avoiding the catastrophic effects on server infrastructure from DDoS attacks. Detection techniques in the traditional Intrusion Detection System (IDS) are far from perfect compared to a number of modern techniques and tools used by attackers, because the traditional IDS only uses signature-based detection or anomaly-based detection models and causes a lot of false positive flags, since the flow of computer network data packets has complex properties in terms of both size and source. Based on the  deficiency in the ordinary IDS, this study aims to detect DDoS attacks by using machine learning techniques to enhance IDS policy development.  According to the experiment the selection of features plays an important role in the precision of the detection results and in the performance of machine learning in classification problems. The combination of seven key selected dataset features used as an input neural network classifier in this study provides the highest accuracy value at 97.76%.

scholarly journals DETECTION AND MITIGATION OF DISTRIBUTED DENIAL OF SERVICE ATTACKS ON NETWORK ARCHITECTURE SOFTWARE DEFINED NETWORKING USING THE NAIVE BAYES ALGORITHM

2022 ◽  
Vol 3 (2) ◽  
pp. 51-55
Author(s):  
Misbachul Munir ◽  
Ipung Ardiansyah ◽  
Joko Dwi Santoso ◽  
Ali Mustopa ◽  
Sri Mulyatun
Keyword(s):  
Network Architecture ◽  
Naive Bayes ◽  
Denial Of Service ◽  
Naïve Bayes ◽  
Software Defined Network ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Dos Attacks ◽  
Network Resources ◽  
Bayes Algorithm

DDoS attacks are a form of attack carried out by sending packets continuously to machines and even computer networks. This attack will result in a machine or network resources that cannot be accessed or used by users. DDoS attacks usually originate from several machines operated by users or by bots, whereas Dos attacks are carried out by one person or one system. In this study, the term to be used is the term DDoS to represent a DoS or DDoS attack. In the network world, Software Defined Network (SDN) is a promising paradigm. SDN separates the control plane from forwarding plane to improve network programmability and network management. As part of the network, SDN is not spared from DDoS attacks. In this study, we use the naïve Bayes algorithm as a method to detect DDoS attacks on the Software Defined Network network architecture

scholarly journals IoT DoS and DDoS Attack Detection using ResNet

2020 ◽  
Author(s):  
Faisal Hussain ◽  
Syed Ghazanfar Abbas ◽  
Muhammad Husnain ◽  
Ubaid U. Fayyaz ◽  
Farrukh Shahzad ◽  
...  
Keyword(s):  
Network Traffic ◽  
State Of The Art ◽  
Binary Classification ◽  
Denial Of Service ◽  
Attack Detection ◽  
Ddos Attacks ◽  
Detection Systems ◽  
Ddos Attack ◽  
Attack Patterns ◽  
Iot Devices

Abstract The network attacks are increasing both in frequency and intensity with the rapid growth of internet of things (IoT) devices. Recently, denial of service (DoS) and distributed denial of service (DDoS) attacks are reported as the most frequent attacks in IoT networks. The traditional security solutions like firewalls, intrusion detection systems, etc., are unable to detect the complex DoS and DDoS attacks since most of them filter the normal and attack traffic based upon the static predefined rules. However, these solutions can become reliable and effective when integrated with artificial intelligence (AI) based techniques. During the last few years, deep learning models especially convolutional neural networks achieved high significance due to their outstanding performance in the image processing field. The potential of these convolutional neural network (CNN) models can be used to efficiently detect the complex DoS and DDoS by converting the network traffic dataset into images. Therefore, in this work, we proposed a methodology to convert the network traffic data into image form and trained a state-of-the-art CNN model, i.e., ResNet over the converted data. The proposed methodology accomplished 99.99\% accuracy for detecting the DoS and DDoS in case of binary classification. Furthermore, the proposed methodology achieved 87\% average precision for recognizing eleven types of DoS and DDoS attack patterns which is 9\% higher as compared to the state-of-the-art.

Sign in / Sign up

Export Citation Format

Share Document