Advertisement

Cluster Computing

, Volume 22, Supplement 1, pp 423–434 | Cite as

Detection of DoS attacks in cloud networks using intelligent rule based classification system

  • Rakesh Rajendran
  • S. V. N. Santhosh KumarEmail author
  • Yogesh Palanichamy
  • Kannan Arputharaj
Article
  • 220 Downloads

Abstract

Cloud Network has emerged as one of the most adopted technologies both among the end-users and the developers. Despite cloud networks being popular, security in cloud remains a pivotal research challenge and a topic that is much discussed about. Denial of service (DoS) attack is carried out in cloud by one or more perpetrators using multiple compromised nodes to flood a specific target and thereby resulting in unavailability of services. Classification methods can be used effectively to identify attack signature or recurring patterns of such DoS attacks. Therefore, classification using machine learning techniques have been used in this work for feature selection and classification in order to identify the DoS attacks. For this purpose, a new rule based approach for detecting the DoS attacks which uses a domain expert’s knowledge has been proposed in this paper. Moreover, two new algorithms namely Feature Selection Algorithm using Scoring and Ranking and Rule based Classification Algorithm for detecting DoS Attacks are proposed in this paper in which the final classification is carried out by applying the rules from the rule base and is validated using a domain-expert. We have evaluated the proposed system on an experimental set-up on cloud and used real time DoS tools and observed that the proposed method achieved better DoS attack detection accuracy than the existing classification algorithms used for security.

Keywords

Cloud network DoS attacks Classification Rule base Domain expert Security 

References

  1. 1.
    Khorshed, M.T., Shawkat Ali, A.B.M., Wasimi, S.A.: Classifying different denial-of-service attacks in cloud computing using rule-based learning. Secur. Commun. Netw. 5(11), 1235–1247 (2012)Google Scholar
  2. 2.
    Ficco, M., Rak, M.: Stealthy denial of service strategy in cloud computing. IEEE Trans. Cloud Comput. 3(1), 80–94 (2015)CrossRefGoogle Scholar
  3. 3.
    Ganapathy, S., Kulothungan, K., Muthurajkumar, S., Vijayalakshmi, M., Yogesh, P., Kannan, A.: Intelligent feature selection and classification techniques for intrusion detection in networks: a survey. EURASIP J. Wirel. Commun. Netw. 271(1), 1–16 (2013)Google Scholar
  4. 4.
    Arul Xavier, V.M., Annadurai, S.: Chaotic social spider algorithm for load balance aware task scheduling in cloud computing. Clust. Comput. (2018).  https://doi.org/10.1007/s10586-018-1823-x Google Scholar
  5. 5.
    Muthurajkumar, S., Ganapathy, S., Vijayalakshmi, M., Kannan, A.: Secured temporal log management techniques for cloud. Procedia Comput. Sci. 46, 589–595 (2015)CrossRefGoogle Scholar
  6. 6.
    Ren, Y., Wang, J., Feng, X., Younn, G., Kim, J.-U.: A hierarchical clustering based method to evaluate reuse of rare earth tailings under cloud computing environment. Clust. Comput. (2018).  https://doi.org/10.1007/s10586-017-1654-1 Google Scholar
  7. 7.
    Patel, A., Taghavi, M., Bakhtiyari, K., Júnior, J.C.: An intrusion detection and prevention system in cloud computing: a systematic review”. J. Netw. Comput. Appl. 36(1), 25–41 (2013)CrossRefGoogle Scholar
  8. 8.
    Li, Z., Sun, W., Wang, L.: A neural network based distributed intrusion detection system on cloud platform. In: Proceedings of 2nd IEEE Conference on Cloud Computing and Intelligence Systems, pp. 75–79 (2012)Google Scholar
  9. 9.
    Choi, J., Choi, C., Ko, B., Kim, P.: A method of DDoS attack detection using HTTP packet pattern and rule engine in cloud computing environment. Soft. Comput. 18(9), 1697–1703 (2014)CrossRefGoogle Scholar
  10. 10.
    Pradeepthi, K.V., Kannan, A.: Cloud attack detection with intelligent rules. KSII Trans. Internet Inf. Syst. 9(10), 4204–4221 (2015)Google Scholar
  11. 11.
    Kim, H.-Y.: An energy-efficient load balancing scheme to extend lifetime in wireless sensor networks. J. Clust. Comput. 19, 279–283 (2016)CrossRefGoogle Scholar
  12. 12.
    Logambigai, R., Kannan, A.: Fuzzy logic based unequal clustering for wireless sensor networks. Wirel. Netw. 22, 945–957 (2016)CrossRefGoogle Scholar
  13. 13.
    Ruby D, Vijayalakshmi M, Kannan A: Intelligent relay selection and spectrum sharing techniques for cognitive radio networks. J. Clust. Comput., pp. 1–12 (2017)Google Scholar
  14. 14.
    Gupta, S., Kumar, P., Abraham, A.: A profile based network intrusion detection and prevention system for securing cloud environment. Int. J. Distrib. Sens. Netw., pp. 1–12 (2013)Google Scholar
  15. 15.
    Santhosh Kumar, S.V.N., Yogesh, P.: Energy efficient and secured distributed data dissemination using hop by hop authentication in WSN. Wirel. Netw. (2017)Google Scholar
  16. 16.
    Jansen, W.A.: Cloud hooks: security and privacy issues in cloud computing. In: Proceedings of 44th Hawaii International Conference on System Sciences, 1 Jan 2011Google Scholar
  17. 17.
    Yu, S., Tian, Y., Guo, S., Wu, D.O.: Can we beat DDoS attacks in clouds? IEEE Trans. Parallel Distrib. Syst. 25(9), 2245–2254 (2014)CrossRefGoogle Scholar
  18. 18.
    Girma, A., Garuba, M., Li, J., Liu, C.: Analysis of DDoS attacks and an introduction of a hybrid statistical model to detect DDoS attacks on cloud computing environment. In: Proceedings of 12th International Conference on Information Technology-New Generations, pp. 212–217, 13–15 Apr 2015Google Scholar
  19. 19.
    Arshad, J., Townend, P., Xu, J.: A novel intrusion severity analysis approach for clouds. Future Gener. Comput. Syst. 29(1), 416–428 (2013)CrossRefGoogle Scholar
  20. 20.
    Selvi, M., Logambigai, R., Ganapathy, S., Khanna Nehemiah, H., Kannan, A.: An intelligent agent and FSO based efficient routing algorithm for wireless sensor network. In: Second International Conference on Recent Trends and Challenges in Computational Models (ICRTCCM), IEEE, pp. 100–105 (2017)Google Scholar
  21. 21.
    Selvi, M., Logambigai, R., Ganapathy, S., Sai Ramesh, L., Khanna Nehemiah, H., Kannan, A.: Fuzzy temporal approach for energy efficient routing in WSN. In: Proceedings of the International Conference on Informatics and Analytics, ACM, pp. 1–5 (2016)Google Scholar
  22. 22.
    Selvi, M., Nandhini, C., Thangaramya, K., Kulothungan, K., Kannan, A.: HBO based clustering and energy optimized routing algorithm for WSN. In: Eighth International Conference on Advanced Computing (ICoAC), IEEE, pp. 89–92 (2016)Google Scholar
  23. 23.
    Selvi, M., Velvizhy, P., Ganapathy, S., Khanna Nehemiah, H., Kannan, A.: A rule based delay constrained energy efficient routing technique for wireless sensor networks. J. Clust. Comput. (2017).  https://doi.org/10.1007/s10586-017-1191-y Google Scholar
  24. 24.
    Munuswamy, S., Saravanakumar, J.M., Sannasi, G., Harichandran, K.N., Arputharaj, K.: Virtual force-based intelligent clustering for energy-efficient routing in mobile wireless sensor networks. Turk. J. Electr. Eng. Comput. Sci. (2017).  https://doi.org/10.3906/elk-1706-226 Google Scholar
  25. 25.
    Sindhu, S.S.S., Geetha, S., Kannan, A.: Decision tree based light weight intrusion detection using a wrapper approach. Exp. Syst. Appl. 39(1), 129–141 (2012)CrossRefGoogle Scholar
  26. 26.
    Chonka, A., Xiang, Y., Zhou, W., Bonti, A.: Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks. J. Netw. Comput. Appl. 34(4), 1097–1107 (2011)CrossRefGoogle Scholar
  27. 27.
    Wu, Y., Tseng, H., Yang, W., Jan, R.: DDoS detection and traceback with decision tree and grey relational analysis. In: Third International Conference on Multimedia and Ubiquitous Engineering (MUE), Qingdao, China, pp. 306–314, 4–6 June 2009 (2009)Google Scholar
  28. 28.
    Datasets: KDDCUP 1999 data. In: The Fifth International Conference on Knowledge Discovery and Data Mining 1999. http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
  29. 29.
    Oktay, U., Sahingoz, O.K.: Attack types and intrusion detection systems in cloud computing. In: Proceedings of 6th International Conference on Information Security & Cryptology, pp. 71–76, 23-24 May 2013Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  • Rakesh Rajendran
    • 1
  • S. V. N. Santhosh Kumar
    • 2
    Email author
  • Yogesh Palanichamy
    • 1
  • Kannan Arputharaj
    • 1
  1. 1.Department of Information Science and Technology, College of Engineering GuindyAnna UniversityChennaiIndia
  2. 2.Department of Computer Science and EngineeringSaveetha Engineering CollegeChennaiIndia

Personalised recommendations