DEFAD: ensemble classifier for DDOS enabled flood attack defense in distributed network environment

Technological advances in information systems and networks are the outcome of developments in networking and communications. Critical infrastructure plays a vital role in effective information systems management. However, negative developments such as DDoS attacks, which impact the operations of networked application systems, bring a set of adverse issues. With the number of DDoS attacks rising, researchers have focused on developing contemporary solutions that help thwart such attacks. A review of such models in the literature shows that two dimensions, detection accuracy and mitigation accuracy, have scope for improvement, and that the majority of these models were tested on static datasets, which is not pragmatic. Considering these issues, the model proposed in this manuscript focuses on a contemporary solution that aims for a high accuracy rate and is tested on a dynamic dataset to understand the efficacy of the system. By using ensemble classifiers with drift detection features at the service request stream level, the proposed solution, if implemented, can lead to better levels of detection. The experimental study of the model, carried out on a synthesized service request stream, is evaluated using statistical metrics such as accuracy, prediction value and true negative rate. The significance of the model is evident in the results generated and in their comparison with other benchmark models in the segment.
