An Efficient Detection Approach for LDoS Attack based on NCS-SVM Algorithm

Low Rate Denial of Service (LDoS) Attack is a sort of DoS attack with analogous effects but is more hidden. The LDoS attack is essentially launched by a malicious attacker who utilizes the loopholes of the TCP/IP congestion control mechanism to aim the purpose of attacking by using the periodic burst co-intensity attack flow and causing repeated congestion on the network. Disadvantages of high false positive rate and high false negative rate still remain in the existing detection methods for LDoS attacks. In this paper, a new method based on NCS-SVM algorithm for LDoS attacks is presented. By judging the similarity between the normal cloud model and the reference, this method determines whether the LDoS attack has occurred. In this detection process, the inverse cloud generator and the normal cloud’s expectation curve are also adopted. For the purpose of improving the accuracy of detection, a Support Vector Machine (SVM) is introduced to classify the similarity of cloud models. Experiments to verify this algorithm used multiple data sets, namely NS2, Testbed, and WIDE2018. And at last, the experimental results and comparison with other methods are given to prove that the NCS-SVM-based LDoS attack detection method is effective.

[1]  Bharat K. Bhargava,et al.  A Novel Low-Rate Denial of Service Attack Detection Approach in ZigBee Wireless Sensor Network by Combining Hilbert-Huang Transformation and Trust Evaluation , 2019, IEEE Access.

[2]  Wanlei Zhou,et al.  Low-Rate DDoS Attacks Detection and Traceback by Using New Information Metrics , 2011, IEEE Transactions on Information Forensics and Security.

[3]  Jiusheng Chen,et al.  An adaptive network traffic prediction approach for LDoS attacks detection , 2018, Int. J. Commun. Syst..

[4]  Zhijun Wu,et al.  Low-Rate DoS Attacks Detection Based on Network Multifractal , 2016, IEEE Transactions on Dependable and Secure Computing.

[5]  Liu Tang,et al.  MF-CNN: a New Approach for LDoS Attack Detection Based on Multi-feature Fusion and CNN , 2020, Mobile Networks and Applications.

[6]  Joel J. P. C. Rodrigues,et al.  An early detection of low rate DDoS attack to SDN based data center networks using information distance metrics , 2018, Future Gener. Comput. Syst..

[7]  Liu Tang,et al.  PCA-SVM-Based Approach of Detecting Low-Rate DoS Attack , 2019, 2019 IEEE 21st International Conference on High Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems (HPCC/SmartCity/DSS).

[8]  Muhammad Imran,et al.  Toward an optimal solution against Denial of Service attacks in Software Defined Networks , 2019, Future Gener. Comput. Syst..

[9]  Deyi Li,et al.  A new cognitive model: Cloud model , 2009, Int. J. Intell. Syst..

[10]  Nirwan Ansari,et al.  A router-based technique to mitigate reduction of quality (RoQ) attacks , 2008, Comput. Networks.

[11]  Jisa David,et al.  Efficient DDoS flood attack detection using dynamic thresholding on flow-based network traffic , 2019, Comput. Secur..

[12]  Joel J. P. C. Rodrigues,et al.  MF-Adaboost: LDoS attack detection based on multi-features and improved Adaboost , 2020, Future Gener. Comput. Syst..

[13]  Liu Tang,et al.  WEDMS: An advanced mean shift clustering algorithm for LDoS attacks detection , 2020, Ad Hoc Networks.

[14]  Yue Meng,et al.  Detection of LDDoS Attack Based on Kalman Filtering , 2008 .

[15]  Vassilios G. Vassilakis,et al.  Implementing an intrusion detection and prevention system using software-defined networking: Defending against port-scanning and denial-of-service attacks , 2019, J. Netw. Comput. Appl..

[16]  Liu Tang,et al.  Low-Rate DoS Attack Detection Based on Two-Step Cluster Analysis , 2018, ICICS.

[17]  Dan Tang,et al.  Low-Rate DoS Attack Detection Based on Improved Logistic Regression , 2019, 2019 IEEE 21st International Conference on High Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems (HPCC/SmartCity/DSS).

[18]  Liang Liu,et al.  Identifying LDoS attack traffic based on wavelet energy spectrum and combined neural network , 2018, Int. J. Commun. Syst..

[19]  Gang Feng,et al.  A New Switched System Approach to Leader–Follower Consensus of Heterogeneous Linear Multiagent Systems With DoS Attack , 2019, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[20]  Sarhan M. Musa,et al.  Chaos-based detection of LDoS attacks , 2013, Journal of Systems and Software.

[21]  Jiusheng Chen,et al.  An adaptive KPCA approach for detecting LDoS attack , 2017, Int. J. Commun. Syst..

[22]  Zhijun Wu,et al.  Detecting LDoS attack bursts based on queue distribution , 2019, IET Inf. Secur..

[23]  Xing Gao,et al.  DoS vulnerabilities and mitigation strategies in software-defined networks , 2019, J. Netw. Comput. Appl..

[24]  Van Nhan Vo,et al.  Averaged dependence estimators for DoS attack detection in IoT networks , 2020, Future Gener. Comput. Syst..

[25]  Jamie B. Coble,et al.  Multilayer Data-Driven Cyber-Attack Detection System for Industrial Control Systems Based on Network, System, and Process Data , 2019, IEEE Transactions on Industrial Informatics.

[26]  Dan Tang,et al.  Low-Rate DoS Attacks Detection Based on MAF-ADM , 2020, Sensors.