Protocol Specific Multi-Threaded Network Intrusion Detection System (PM-NIDS) for DoS/DDoS Attack Detection in Cloud

Patil, Rajendra; Dudeja, Harsha; Gawade, Snehal; Modi, Chirag

doi:10.1109/icccnt.2018.8494130

Cited by 19 publications

(5 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A protocol-based network intrusion detection system was designed by Patil et al (2018) to detect DoS/DDoS attacks in networks. In this system, Incoming packets were distributed according to the protocol and queued for additional processing.…”

Section: Related Workmentioning

confidence: 99%

Enhanced Attacks Detection and Mitigation in Software Defined Networks

Forbacha,

Kinteh,

Hamza

2024

AJCE

View full text Add to dashboard Cite

Purpose: The main aim of this research project was to develop a security simulation and mitigation mechanism for Software Defined Networking (SDN) deploying machine learning algorithms. Materials and Methods: Applied research method was used whereby attacks were initially detected and classified using machine learning algorithms on the CiCDDoS2019 dataset; next a SDN virtual network was created through simulation in Mininet plus captured network data from the environment and finally applied machine learning algorithms to detect and mitigate the attacks in case of an attack occurrence. Findings: Results showed higher rates of attack detection and lower false positive rates. Hence our system could be used in real life environments for attack detection and mitigation. However, the conditions and networks traffic would be different per the network configurations and tasks performed in the network environment Implications to Theory, Practice and Policy: Based on the findings and knowledge acquired, some key recommendations for successful implementation of an Enhanced attack and detection scheme in SDN include: Use deep learning and ensemble learning as the system will have an awareness of its state and hence have better accuracy and less false alarm rates, conducting thorough feature analysis and selection based on statistical techniques, correlation analysis, and domain knowledge, experimenting with multiple algorithms like deep neural networks, ensemble learning algorithms, optimizing the system to minimize computational overhead and ensure real-time processing, performing the study on a real world sdn environment to ensure proper knowledge of the data flow patterns in real world environments and use multiple datasets in the implementation of the system.

show abstract

Section: Related Workmentioning

confidence: 99%

Enhanced Attacks Detection and Mitigation in Software Defined Networks

Forbacha,

Kinteh,

Hamza

2024

AJCE

View full text Add to dashboard Cite

show abstract

“…Sunny Behal et al proposed an Internet service provider (ISP) level distributed and flexible defense system [ 16 ]. Patil, R. et al designed a Protocol Specific Multi-Threaded Network Intrusion Detection System (PM-NIDS), where the incoming packets are queued, extracted, and classified [ 17 ]. Chenxu Wang et al proposed a defense system of detecting and mitigating application layer DDoS attacks, mainly by filtering mechanisms, including a whitelist and a blacklist [ 18 ].…”

Section: Related Workmentioning

confidence: 99%

DDoS Flood and Destination Service Changing Sensor

Hsu

Lee

Wang

et al. 2021

Sensors

View full text Add to dashboard Cite

In this paper, we aim to detect distributed denial of service (DDoS) attacks, and receive a notification of destination service, changing immediately, without the additional efforts of other modules. We designed a kernel-based mechanism to build a new Transmission Control Protocol/Internet Protocol (TCP/IP) connection smartly by the host while the users or clients not knowing the location of the next host. Moreover, we built a lightweight flooding attack detection mechanism in the user mode of an operating system. Given that reinstalling a modified operating system on each client is not realistic, we managed to replace the entry of the system call table with a customized sys_connect. An effective defense depends on fine detection and defensive procedures. In according with our experiments, this novel mechanism can detect flooding DDoS successfully, including SYN flood and ICMP flood. Furthermore, through cooperating with a specific low cost network architecture, the mechanism can help to defend DDoS attacks effectively.

show abstract

“…The availability of the training and the testing dataset results in attack patterns to generate the optimal features [12]. Patil et al [13] developed a multithreaded based intrusion detection system to extract the accurate features in the cloud system.…”

Section: Related Workmentioning

confidence: 99%

“…The output obtained from the RBM 1 hidden layer is passed as input to the second RBM, and the output obtained from RBM layer 2 is fed as input to the MLP layer. The feature vector is the input to the visible layer of RBM1, and the output from the hidden layer of the RBM 1 is expressed as equation ( 12) and (13).…”

Section: Deep Belief Network For Attack Detectionmentioning

confidence: 99%

Fuzzy-Taylor-elephant herd optimization inspired Deep Belief Network for DDoS attack detection and comparison with state-of-the-arts algorithms

Velliangiri¹,

Pandey

2020

Future Generation Computer Systems

View full text Add to dashboard Cite

Cloud computing environment support resource sharing as cloud service over the internet. It enables the users to outsource data into the cloud server that can be accessed remotely from various devices distributed geographically. Accessing resources from the cloud causes various security issues as the attackers try to illegally access the data. The distributed denial of service (DDoS) attack is one of the security concern in the cloud server. DDoS is a kind of cyber attack which disrupt normal traffic of targeted cloud server (or any other servers). In this paper, we propose an effective fuzzy and taylor-elephant herd optimization (FT-EHO) inspired by deep belief network (DBN) classifier for detecting the DDoS attack. FT-EHO uses taylor series and elephant heard optimization algorithm along with a fuzzy classifier for rules learning. The performance of the proposed FT-EHO is evaluated through rigorous computer simulations. Three standard benckmark databases, namely, KDD cup, database1 and database2 are used during simulations. Four quality measures such as accuracy, detection accurarcy, precision and recall are considered as a performance metrics. FT-EHO's performance is compared against the state-ofthe-art methods considering the evaluation metrics. Results reveals that the proposed FT-EHO showed significantly higher value of evaluation metrics (accuracy (93.811%), detection rate (97.200%), precision (94.981%) and recall (93.833%)) as compared to other methods.

show abstract

Protocol Specific Multi-Threaded Network Intrusion Detection System (PM-NIDS) for DoS/DDoS Attack Detection in Cloud

Cited by 19 publications

References 6 publications

Enhanced Attacks Detection and Mitigation in Software Defined Networks

Enhanced Attacks Detection and Mitigation in Software Defined Networks

DDoS Flood and Destination Service Changing Sensor

Fuzzy-Taylor-elephant herd optimization inspired Deep Belief Network for DDoS attack detection and comparison with state-of-the-arts algorithms

Contact Info

Product

Resources

About