
A Novel Big Data Analytics Approach for Supporting Cyber Attack Detection via Non-linear Analytic Prediction of IP Addresses

  • Conference paper
Computational Science and Its Applications – ICCSA 2020 (ICCSA 2020)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 12249)

Abstract

Computer network systems are often subject to several types of attacks. For example, a distributed Denial of Service (DDoS) attack places an excessive traffic load on a web server to make it unusable. A popular method for detecting attacks is to use the sequence of source IP addresses to detect possible anomalies. To predict the next IP address, the Probability Density Function of the IP address sequence is estimated. Predicting the source IP addresses of future accesses to the server is meant to detect anomalous requests. In other words, during an access to the server, only predicted IP addresses are permitted and all others are blocked. The approaches used to estimate the Probability Density Function of IP addresses range from storing previously seen IP addresses in a database to address clustering, normally performed with the K-Means algorithm. Instead, in this paper we consider the sequence of IP addresses as a numerical sequence and develop a nonlinear analysis of that numerical sequence. We use nonlinear analysis based on Volterra kernels and Hammerstein models. The experiments carried out with datasets of source IP address sequences show that the prediction errors obtained with Hammerstein models are smaller than those obtained both with the Volterra kernels and with sequence clustering by means of the K-Means algorithm.

A. Cuzzocrea—This research has been made in the context of the Excellence Chair in Computer Engineering – Big Data Management and Analytics at LORIA, Nancy, France.

Notes

  1. ftp://ita.ee.lbl.gov/html/contrib/WorldCup.html

Acknowledgements

This research has been partially supported by the French PIA project “Lorraine Université d’Excellence”, reference ANR-15-IDEX-04-LUE.

Author information

Corresponding author

Correspondence to Alfredo Cuzzocrea.

Copyright information

© 2020 Springer Nature Switzerland AG

Cite this paper

Cuzzocrea, A., Mumolo, E., Fadda, E., Tessarotto, M. (2020). A Novel Big Data Analytics Approach for Supporting Cyber Attack Detection via Non-linear Analytic Prediction of IP Addresses. In: Gervasi, O., et al. Computational Science and Its Applications – ICCSA 2020. ICCSA 2020. Lecture Notes in Computer Science, vol 12249. Springer, Cham. https://doi.org/10.1007/978-3-030-58799-4_70

  • DOI: https://doi.org/10.1007/978-3-030-58799-4_70

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-58798-7

  • Online ISBN: 978-3-030-58799-4

  • eBook Packages: Computer Science, Computer Science (R0)
