Abstract
Computer network systems are often subject to several types of attacks. For example, a distributed Denial of Service (DDoS) attack introduces an excessive traffic load to a web server to make it unusable. A popular method for detecting attacks is to use the sequence of source IP addresses to detect possible anomalies. With the aim of predicting the next IP address, the Probability Density Function of the IP address sequence is estimated. Predicting the source IP address of future accesses to the server is meant to detect anomalous requests. In other words, during an access to the server, only predicted IP addresses are permitted and all others are blocked. The approaches used to estimate the Probability Density Function of IP addresses range from the sequence of IP addresses seen previously and stored in a database to address clustering, normally performed with the K-Means algorithm. Instead, in this paper we consider the sequence of IP addresses as a numerical sequence and develop a nonlinear analysis of that sequence, based on Volterra kernels and Hammerstein models. The experiments carried out with datasets of source IP address sequences show that the prediction errors obtained with Hammerstein models are smaller than those obtained both with Volterra kernels and with sequence clustering by means of the K-Means algorithm.
A. Cuzzocrea—This research has been made in the context of the Excellence Chair in Computer Engineering – Big Data Management and Analytics at LORIA, Nancy, France.
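The idea summarised in the abstract, treating source addresses as a numerical sequence and predicting the next one with a nonlinear model, is shown below as an added example; it is not the paper's code. It assumes a linear-in-parameters Hammerstein-type predictor (polynomial powers of each past sample, combined linearly and fitted by least squares), addresses normalised to [0, 1], and a tolerance-based permit rule; all function names are hypothetical and the address sequence is constructed, not real traffic.

```python
import ipaddress
MAX = 2**32 - 1  # largest IPv4 address as an integer

def to_unit(ip):
    """Treat a dotted-quad IPv4 address as a number in [0, 1]."""
    return int(ipaddress.IPv4Address(ip)) / MAX

def features(lags, degree):
    """Hammerstein regressor: bias, then powers 1..degree of each lagged sample."""
    return [1.0] + [x ** p for x in lags for p in range(1, degree + 1)]

def solve(a, b):
    """Solve a*w = b by Gaussian elimination with partial pivoting."""
    n, m = len(b), [row + [y] for row, y in zip(a, b)]
    for c in range(n):
        piv = max(range(c, n), key=lambda r: abs(m[r][c]))
        m[c], m[piv] = m[piv], m[c]
        for r in range(c + 1, n):
            f = m[r][c] / m[c][c]
            m[r] = [v - f * u for v, u in zip(m[r], m[c])]
    w = [0.0] * n
    for r in reversed(range(n)):
        w[r] = (m[r][n] - sum(m[r][k] * w[k] for k in range(r + 1, n))) / m[r][r]
    return w

def fit(seq, memory, degree):
    """Least-squares weights from the normal equations over the whole sequence."""
    rows = [features(seq[i - memory:i][::-1], degree) for i in range(memory, len(seq))]
    k = range(len(rows[0]))
    gram = [[sum(r[i] * r[j] for r in rows) for j in k] for i in k]
    rhs = [sum(r[i] * y for r, y in zip(rows, seq[memory:])) for i in k]
    return solve(gram, rhs)

def predict(history, w, memory, degree):
    """Predicted next normalised address from the last `memory` samples."""
    return sum(c * f for c, f in zip(w, features(history[-memory:][::-1], degree)))

def is_permitted(ip, history, w, memory, degree, tol):
    """Permit a request only if its source lies within tol of the prediction."""
    return abs(to_unit(ip) - predict(history, w, memory, degree)) <= tol

def constructed_ips(n):
    """Constructed sample (not real traffic): a quadratic two-lag recurrence."""
    u, prev, out = 0.5, 0.5, []
    for _ in range(n):
        out.append(str(ipaddress.IPv4Address(round(u * MAX))))
        q = to_unit(out[-1])  # feed the quantised value back into the recurrence
        u, prev = (2.5 - 1.4 * (3 * q - 1.5) ** 2 + 0.3 * (3 * prev - 1.5)) / 3, q
    return out
```

Fitting with `degree=1` gives a purely linear predictor, so comparing its held-out error against `degree=2` on the same sequence shows what the nonlinear terms contribute.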
Acknowledgements
This research has been partially supported by the French PIA project “Lorraine Université d’Excellence”, reference ANR-15-IDEX-04-LUE.
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Cuzzocrea, A., Mumolo, E., Fadda, E., Tessarotto, M. (2020). A Novel Big Data Analytics Approach for Supporting Cyber Attack Detection via Non-linear Analytic Prediction of IP Addresses. In: Gervasi, O., et al. Computational Science and Its Applications – ICCSA 2020. ICCSA 2020. Lecture Notes in Computer Science, vol 12249. Springer, Cham. https://doi.org/10.1007/978-3-030-58799-4_70
DOI: https://doi.org/10.1007/978-3-030-58799-4_70
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-58798-7
Online ISBN: 978-3-030-58799-4
eBook Packages: Computer Science (R0)