Abstract
Advances in networking and communications have driven the development of information systems and networks, and critical infrastructure plays a vital role in effective information systems management. DDoS attacks, however, disrupt the operation of networked application systems and cause a range of adverse effects. As the number of DDoS attacks rises, researchers have focused on developing contemporary solutions to thwart them. A review of such models in the literature shows that two dimensions, detection accuracy and mitigation accuracy, have scope for improvement, and that the majority of these models were tested on static datasets, which is not pragmatic. Considering these issues, the model proposed in this manuscript aims at a high accuracy rate and is tested over a dynamic dataset to assess the efficacy of the system. It uses ensemble classifiers with drift detection features at the service request stream level and, if implemented, can lead to better levels of detection. The experimental study was carried out on a synthesized service request stream and evaluated with statistical metrics such as accuracy, prediction value and true negative rate. The significance of the model is evident from the results generated and from its comparative analysis against other benchmark models in the segment.
Cite this article
Prasad, K.M., Reddy, A.R.M. & Rao, K.V. DEFAD: ensemble classifier for DDOS enabled flood attack defense in distributed network environment. Cluster Comput 21, 1765–1783 (2018). https://doi.org/10.1007/s10586-018-2808-5
DOI: https://doi.org/10.1007/s10586-018-2808-5