An approach for detecting LDoS attack based on cloud model

Abstract

Cybersecurity has always been a focus of Internet research. A low-rate denial-of-service (LDoS) attack is an intelligent type of DoS attack that degrades the quality of network service by periodically sending high-speed but short attack pulses. Because the attack is well concealed and has a low average rate, traditional DoS attack detection methods struggle to be effective against it. Existing LDoS attack detection methods generally suffer from a high false positive rate (FPR) and false negative rate (FNR). This paper proposes a cloud model-based LDoS attack detection method, in which an SVM-based classifier is used to train on and classify the feature parameters. The detection method is verified and tested on the NS2 simulation platform and in a test-bed network environment. Compared with existing research results, the proposed method requires fewer samples and has lower FPR and FNR.

Acknowledgements

This work was supported by the National Natural Science Foundation of China (Grant Nos. 61772189, 61772191) and the Hunan Provincial Natural Science Foundation of China (2019JJ40037).

Author information

Corresponding author

Correspondence to Wei Shi.

Additional information

Wei Shi received a bachelor's degree in computer science and technology from Jiangxi Normal University, China in 2018. She is now a postgraduate student in the College of Computer Science and Electronic Engineering, Hunan University, China. Her current research direction is network attack detection.

Dan Tang is an associate professor in the College of Computer Science and Electronic Engineering, Hunan University, China. He received the PhD degree from Huazhong University of Science and Technology, China in 2014. His research interests include computer network security, computer information security, and the architecture of the future Internet.

Sijia Zhan received the BS degree in software engineering from South-Central University for Nationalities, China in 2017. She is currently a master's degree candidate in the College of Computer Science and Electronic Engineering, Hunan University, China. Her current research interest is network security.

Zheng Qin received the PhD degree in computer software and theory from Chongqing University, China in 2001. He is a professor of computer science and technology at Hunan University, China. He is a member of the China Computer Federation (CCF) and ACM. His main interests are computer network and information security, cloud computing, big data processing, and software engineering. He has accumulated rich experience in product development and application services in areas such as the financial, medical, military, and education sectors.

Xiyin Wang entered Hunan Normal University, China in September 2015. She is currently a senior majoring in Electronic Commerce at Hunan Normal University, China. Her research direction is cyberspace security.

Cite this article

Shi, W., Tang, D., Zhan, S. et al. An approach for detecting LDoS attack based on cloud model. Front. Comput. Sci. 16, 166821 (2022). https://doi.org/10.1007/s11704-022-0486-1

  • DOI: https://doi.org/10.1007/s11704-022-0486-1

Keywords

  • cybersecurity
  • LDoS attack
  • cloud model
  • SVM