DOI: 10.1145/3369555.3369572
research-article

A multi-filter feature selection in detecting distributed denial-of-service attack

Published: 10 January 2020

Abstract

Distributed Denial of Service (DDoS) has become the most intrusive security threat on the Internet. Among the attacks that target the web server during Flash Events (FEs), the flash crowd attack is the most challenging problem. It mimics the behaviour of legitimate users, sends high-rate malicious traffic toward the server and blocks normal users from using the desired services, which makes it hard to detect and lets it bypass the detection mechanism. The key semantic difference between FEs and DDoS is that the former represents legitimate access to the website while the latter does not. However, this does not help in discriminating them automatically. The behavioural differences between the two have to be developed after understanding their individual properties. In this research, a Multi-Filter Feature Selection (M2FS) method is proposed that combines three filter methods: Information Gain (IG), Gain Ratio (GR) and ReliefF. It consists of a three-stage procedure: feature ranking, feature selection and classification. An experimental evaluation of the proposed M2FS method is then performed on the benchmark dataset NSL-KDD using the J48 classification algorithm. The performance of the proposed M2FS method is evaluated against multiple criteria: classification accuracy, True Positive Rate (TPR), False Positive Rate (FPR) and time to build the model. The effectiveness of the proposed M2FS method is then compared with existing feature selection methods and with the proposed M2FS with PCA. In addition, the proposed M2FS method is developed through the WEKA API in the Java programming language using the Eclipse Java IDE. The findings show that the proposed M2FS method effectively reduces the 41 features to 14 features and produces high accuracy, high TPR, low FPR and a shorter build time when compared to other existing feature selection methods.


    Published In

    ICTCE '19: Proceedings of the 3rd International Conference on Telecommunications and Communication Engineering
    November 2019
    153 pages
    ISBN: 9781450371803
    DOI: 10.1145/3369555
    Conference Chairs: Hitoshi Watanabe, Jie Li
    © 2019 Association for Computing Machinery. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of a national government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. detection accuracy
    2. distributed denial-of-service attack
    3. feature selection and classification
    4. flash crowd

    Qualifiers

    • Research-article

    Funding Sources

    • Universiti Malaysia Sabah

    Conference

    ICTCE 2019
