Ensemble Classifiers with Drift Detection (ECDD) in Traffic Flow Streams to Detect DDOS Attacks
Malfunction of internet networking systems can directly and adversely affect, in one way or another, many aspects of contemporary information and communication technologies. In this context, DDoS attacks are a prevalent threat: they flood computation and communication resources with requests so that the service becomes unavailable to legitimate users. DDoS attacks must be defended against in order to guard critical resources. The contribution of this manuscript is an ensemble classifier model to defend against DDoS attacks. The proposed model is based on an ensemble classifier with drift detection ability at the service request stream level. It incorporates the process of defining service request stream characteristics and enables drift detection that uses the defined characteristics. The experimental study was carried out on a setup established using a synthesized service request stream, and the results obtained are explored using statistical metrics such as true negative rate, positive predictive value, and accuracy. Moreover, the significance of the model is established by comparing the obtained results with results obtained from other benchmark models depicted in contemporary literature.
Keywords: Denial of service (DoS) attacks; Distributed DoS (DDoS) attacks; Application layer DDoS (APP-DDoS); Ensemble classifier model