Detection of distributed denial of service attacks using an ensemble of adaptive and hybrid neuro-fuzzy systems

Kumar, P. Arun Raj; Selvakumar, S.

doi:10.1016/j.comcom.2012.09.010

Cited by 107 publications

(18 citation statements)

References 47 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The results acquired from the proposed approach have demonstrated the importance and strength of the model to achieve the objectives deliberated for the solution. To detect the DDoS attack, the researchers introduced many detector schemes such as RBF-NN [27], adaptive and hybrid neuro-fuzzy systems [17], distributed state estimation methods based on ADMM [28], adaptive hybrid IDS [19].…”

Section: Related Workmentioning

confidence: 99%

“…With the intention of reducing computational costs and improving IDS classification performance, several machine learning techniques with Chi-square (CHI), Information gain (IG) [16] and Correlation-based Feature Selection (CFS) such as filter techniques [17] are used in this study. The filter technique based on the ranking approach sorts the features according to their usefulness in the classification movement.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Distributed Denial-of-Service Prediction on IoT Framework by Learning Techniques

Dwivedi

Vardhan

Tripathi

2020

Open Computer Science

View full text Add to dashboard Cite

Distributed denial-of-service (DDoS) attacks on the Internet of Things (IoT) pose a serious threat to several web-based networks. The intruder’s ability to deal with the power of various cooperating devices to instigate an attack makes its administration even more multifaceted. This complexity can be further increased while lots of intruders attempt to overload an attack against a device. To counter and defend against modern DDoS attacks, several effective and powerful techniques have been used in the literature, such as data mining and artificial intelligence for the intrusion detection system (IDS), but they have some limitations. To overcome the existing limitations, in this study, we propose an intrusion detection mechanism that is an integration of a filter-based selection technique and a machine learning algorithm, called information gain-based intrusion detection system (IGIDS). In addition, IGIDS selects the most relevant features from the original IDS datasets that can help to distinguish typical low-speed DDoS attacks and, then, the selected features are passed on to the classifiers, i.e. support vector machine (SVM), decision tree (C4.5), naïve Bayes (NB) and multilayer perceptron (MLP) to detect attacks. The publicly available datasets as KDD Cup 99, CAIDA DDOS Attack 2007, CONFICKER worm, and UNINA traffic traces, are used for our experimental study. From the results of the simulation, it is clear that IGIDS with C4.5 acquires high detection and accuracy with a low false-positive rate.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Distributed Denial-of-Service Prediction on IoT Framework by Learning Techniques

Dwivedi

Vardhan

Tripathi

2020

Open Computer Science

View full text Add to dashboard Cite

show abstract

“…The work in [26] detect DDoS attacks using an ensemble of adaptive and hybrid neuro-fuzzy systems. Multiple features from TCP flows are extracted and utilized in detection, assuming no payload inspection, showing a high detection rate.…”

Section: Related Workmentioning

confidence: 99%

Trustworthy DDoS Defense: Design, Proof of Concept Implementation and Testing

Eid

Aida

2017

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

Distributed Denial of Service (DDoS) attacks based on HTTP and HTTPS (i.e., HTTP(S)-DDoS) are increasingly popular among attackers. Overlay-based mitigation solutions attract small and mediumsized enterprises mainly for their low cost and high scalability. However, conventional overlay-based solutions assume content inspection to remotely mitigate HTTP(S)-DDoS attacks, prompting trust concerns. This paper reports on a new overlay-based method which practically adds a third level of client identification (to conventional per-IP and per-connection). This enhanced identification enables remote mitigation of more complex HTTP(S)-DDoS categories without content inspection. A novel behaviorbased reputation and penalty system is designed, then a simplified proof of concept prototype is implemented and deployed on DeterLab. Among several conducted experiments, two are presented in this paper representing a single-vector and a multi-vector complex HTTP(S)-DDoS attack scenarios (utilizing LOIC, Slowloris, and a custom-built attack tool for HTTPS-DDoS). Results show nearly 99.2% reduction in attack traffic and 100% chance of legitimate service. Yet, attack reduction decreases, and cost in service time (of a specified file) rises, temporarily during an approximately 2 minutes mitigation time. Collateral damage to non-attacking clients sharing an attack IP is measured in terms of a temporary extra service time. Only the added identification level was utilized for mitigation, while future work includes incorporating all three levels to mitigate switching and multi-request per connection attack categories.

show abstract

“…Recent studies [4,5,6,7,8,9,10,11,12,13] proposed some methods to filter malicious packets and verify intruder attempts by monitoring the impact of user behavior on the service level agreement, the network attacks are more towards a specific computer than the entire network. Therefore, we need to monitor some computers whose conservation is given priority status.…”

Section: Introductionmentioning

confidence: 99%

A Novel Topology Link-Controlling Approach for Active Defense of Nodes in Networks

et al. 2017

Sensors

View full text Add to dashboard Cite

With the rapid development of virtual machine technology and cloud computing, distributed denial of service (DDoS) attacks, or some peak traffic, poses a great threat to the security of the network. In this paper, a novel topology link control technique and mitigation attacks in real-time environments is proposed. Firstly, a non-invasive method of deploying virtual sensors in the nodes is built, which uses the resource manager of each monitored node as a sensor. Secondly, a general topology-controlling approach of resisting the tolerant invasion is proposed. In the proposed approach, a prediction model is constructed by using copula functions for predicting the peak of a resource through another resource. The result of prediction determines whether or not to initiate the active defense. Finally, a minority game with incomplete strategy is employed to suppress attack flows and improve the permeability of the normal flows. The simulation results show that the proposed approach is very effective in protecting nodes.

show abstract

Detection of distributed denial of service attacks using an ensemble of adaptive and hybrid neuro-fuzzy systems

Cited by 107 publications

References 47 publications

Distributed Denial-of-Service Prediction on IoT Framework by Learning Techniques

Distributed Denial-of-Service Prediction on IoT Framework by Learning Techniques

Trustworthy DDoS Defense: Design, Proof of Concept Implementation and Testing

A Novel Topology Link-Controlling Approach for Active Defense of Nodes in Networks

Contact Info

Product

Resources

About