A Novel Approach for Detection of DoS / DDoS Attack in Network Environment using Ensemble Machine Learning Model
Article Sidebar
Main Article Content
Abstract
One of the most serious threat to network security is Denial of service (DOS) attacks. Internet and computer networks are now important parts of our businesses and daily lives. Malicious actions have become more common as our reliance on computers and communication networks has grown. Network threats are a big problem in the way people communicate today. To make sure that the networks work well and that users' information is safe, the network data must be watched and analysed to find malicious activities and attacks. Flooding may be the simplest DDoS assault. Computer networks and services are vulnerable to DoS and DDoS attacks. These assaults flood target systems with malicious traffic, making them unreachable to genuine users. The work aims to enhance the resilience of network infrastructures against these attacks and ensure uninterrupted service delivery. This research develops and evaluates enhanced DoS/DDoS detection methods. DoS attacks usually stop or slow down legal computer or network use. Denial-of-service (DoS) attacks prevent genuine users from accessing and using information systems and resources. The OSI model's layers make up the computer network. Different types of DDoS strikes target different layers. The Network Layer can be broken by using ICMP Floods or Smurf Attacks. The Transport layer can be attacked using UDP Floods, TCP Connection Exhaustion, and SYN Floods. HTTP-encrypted attacks can be used to get through to the application layer. DoS/DDoS attacks are malicious attacks. Protect network data from harm. Computer network services are increasingly threatened by DoS/DDoS attacks. Machine learning may detect prior DoS/DDoS attacks. DoS/DDoS attacks proliferate online and via social media. Network security is IT's top priority. DoS and DDoS assaults include ICMP, UDP, and the more prevalent TCP flood attacks. These strikes must be identified and stopped immediately. In this work, a stacking ensemble method is suggested for detecting DoS/DDoS attacks so that our networked data doesn't get any worse. This paper used a method called "Ensemble of classifiers," in which each class uses a different way to learn. In proposed methodology Experiment#1 , I used the Home Wifi Network Traffic Collected and generated own Dataset named it as MywifiNetwork.csv, whereas in proposed methodology Experiment#2, I used the kaggle repository “NSL-KDD benchmark dataset” to perform experiments in order to find detection accuracy of dos attack detection using python language in jupyter notebook. The system detects attack-type or legitimate-type of network traffic during detection ML classification methods are used to compare how well the suggested system works. The results show that when the ensembled stacking learning model is used, 99% of the time it is able to find the problem. In proposed methodology two Experiments are implemented for comparing detection accuracy with the existing techniques. Compared to other measuring methods, we get a big step forward in finding attacks. So, our model gives a lot of faith in securing these networks. This paper will analyse the behaviour of network traffics.
Article Details
References
G A. Aljuhani, “Machine Learning Approaches for Combating Distributed Denial of Service Attacks in Modern Networking Environments,” IEEE Access, vol. 9, pp. 42236–42264, 2021, doi: 10.1109/ACCESS.2021.3062909
B. Agarwal and N. Mittal, “Hybrid Approach for Detection of Anomaly Network Traffic using Data Mining Techniques,” Procedia Technol., vol. 6, pp. 996–1003, 2012, doi: 10.1016/j.protcy.2012.10.121
Y. Wei, J. Jang-Jaccard, F. Sabrina, A. Singh, W. Xu, and S. Camtepe, “AE-MLP: A Hybrid Deep Learning Approach for DDoS Detection and Classification,” IEEE Access, vol. 9, pp. 146810–146821, 2021, doi: 10.1109/ACCESS.2021.3123791..
M. Zekri, S. El Kafhali, N. Aboutabit, and Y. Saadi, “DDoS attack detection using machine learning techniques in cloud computing environments,” Proc. 2017 Int. Conf. Cloud Comput. Technol. Appl. CloudTech 2017, vol. 2018-Janua, pp. 1–7, 2018, doi: 10.1109/CloudTech.2017.8284731.
S. Wankhede and D. Kshirsagar, “DoS Attack Detection Using Machine Learning and Neural Network,” Proc. - 2018 4th Int. Conf. Comput. Commun. Control Autom. ICCUBEA 2018, 2018, doi: 10.1109/ICCUBEA.2018.8697702.
X. Yuan, C. Li, and X. Li, “DeepDefense: Identifying DDoS Attack via Deep Learning,” 2017 IEEE Int. Conf. Smart Comput. SMARTCOMP 2017, pp. 1–8, 2017, doi: 10.1109/SMARTCOMP.2017.7946998.
M. Tayyab, B. Belaton, and M. Anbar, “ICMPV6-based DOS and DDoS attacks detection using machine learning techniques, open challenges, and blockchain applicability: A review,” IEEE Access, vol. 8, pp. 170529–170547, 2020, doi: 10.1109/ACCESS.2020.3022963.
M. Barati, A. Abdullah, N. I. Udzir, and ..., “Distributed Denial of Service detection using hybrid machine learning technique,” Biometrics …, pp. 268–273, 2014, [Online]. Available: https://ieeexplore.ieee.org/abstract/document/7013133/
B. Zhou, J. Li, J. Wu, S. Guo, Y. Gu, and Z. Li, “Machine-learning-based online distributed denial-of-service attack detection using spark streaming,” IEEE Int. Conf. Commun., vol. 2018-May, 2018, doi: 10.1109/ICC.2018.8422327.
A. R. A. Yusof, N. I. Udzir, A. Selamat, H. Hamdan, and M. T. Abdullah, “Adaptive feature selection for denial of services (DoS) attack,” 2017 IEEE Conf. Appl. Inf. Netw. Secur. AINS 2017, vol. 2018-Janua, pp. 81–84, 2017, doi: 10.1109/AINS.2017.8270429.
O. Rahman, M. A. G. Quraishi, and C. H. Lung, “DDoS attacks detection and mitigation in SDN using machine learning,” Proc. - 2019 IEEE World Congr. Serv. Serv. 2019, vol. 2642–939X, pp. 184–189, 2019, doi: 10.1109/SERVICES.2019.00051.
P. Shamsolmoali and M. Zareapoor, “Statistical-based filtering system against DDOS attacks in cloud computing,” Proc. 2014 Int. Conf. Adv. Comput. Commun. Informatics, ICACCI 2014, pp. 1234–1239, 2014, doi: 10.1109/ICACCI.2014.6968282.
Ö. ASLAN, “A Methodology to Detect Distributed Denial of Service Attacks,” Bili?im Teknol. Derg., vol. 15, no. 2, pp. 149–158, 2022, doi: 10.17671/gazibtd.1002178.
S. Nandi, S. Phadikar, and K. Majumder, “Detection of DDoS Attack and Classification Using a Hybrid Approach,” ISEA-ISAP 2020 - Proc. 3rd ISEA Int. Conf. Secur. Priv. 2020, pp. 41–47, 2020, doi: 10.1109/ISEA-ISAP49340.2020.234999.
S. Sheng, C. Wu, and X. Dong, “Research on Visualization Systems for DDoS Attack Detection,” Proc. - 2018 IEEE Int. Conf. Syst. Man, Cybern. SMC 2018, pp. 2986–2991, 2019, doi: 10.1109/SMC.2018.00507.
F. S. De Lima Filho, F. A. F. Silveira, A. De Medeiros Brito Junior, G. Vargas-Solar, and L. F. Silveira, “Smart Detection: An Online Approach for DoS/DDoS Attack Detection Using Machine Learning,” Secur. Commun. Networks, vol. 2019, 2019, doi: 10.1155/2019/1574749.
M. Kozlowski and B. Ksiezopolski, “A new method of testing machine learning models of detection for targeted DDoS attacks,” Proc. 18th Int. Conf. Secur. Cryptogr. SECRYPT 2021, no. Secrypt, pp. 728–733, 2021, doi: 10.5220/0010574507280733.
Y. Tao and S. Yu, “DDoS attack detection at local area networks using information theoretical metrics,” Proc. - 12th IEEE Int. Conf. Trust. Secur. Priv. Comput. Commun. Trust. 2013, pp. 233–240, 2013, doi: 10.1109/TrustCom.2013.32.
S. Peneti and Hemalatha, “DDOS Attack Identification using Machine Learning Techniques,” 2021 Int. Conf. Comput. Commun. Informatics, ICCCI 2021, 2021, doi: 10.1109/ICCCI50826.2021.9402441.
Y. Khosroshahi and E. Ozdemir, “Detection of Sources Being Used in DDoS Attacks,” Proc. - 6th IEEE Int. Conf. Cyber Secur. Cloud Comput. CSCloud 2019 5th IEEE Int. Conf. Edge Comput. Scalable Cloud, EdgeCom 2019, pp. 163–168, 2019, doi: 10.1109/CSCloud/EdgeCom.2019.000-1.
C. M. Bao, “Intrusion detection based on one-class SVM and SNMP MIB data,” 5th Int. Conf. Inf. Assur. Secur. IAS 2009, vol. 2, pp. 346–349, 2009, doi: 10.1109/IAS.2009.124.
T. Shon, Y. Kim, C. Lee, and J. Moon, “A machine learning framework for network anomaly detection using SVM and GA,” Proc. from 6th Annu. IEEE Syst. Man Cybern. Inf. Assur. Work. SMC 2005, vol. 2005, pp. 176–183, 2005, doi: 10.1109/IAW.2005.1495950.
M. Elsayed, N. Le-Khac, B. Dev, and R. Jurcut, "DDoSNet: A Deep-Learning Model for Detecting Network Attacks," in Proceedings of the 2020 21st International Symposium on World of Wireless, Mobile and Multimedia Networks (WoWMoM), pp. 1-6, 2020. DOI: 10.1109/wowmom49955.2020.00072.
Perez-Diaz, Valdovinos, Choo, Zhu (2020). A Flexible SDN-Based Architecture for Identifying and Mitigating Low-Rate DDoS Attacks Using Machine Learning. IEEE Access, (8), 155859-155872.https://doi.org/10.1109/access.2020.3019330
Shen (2022). An Intrusion Detection Algorithm for DDoS Attacks Based on DBN and Three-way Decisions. J. Phys.: Conf. Ser., 1(2356), 012044. https://doi.org/10.1088/1742-6596/2356/1/012044
Shieh, Nguyen, Lin, Lai, Horng, Miu (2022). Detection of Adversarial DDoS Attacks Using Symmetric Defense Generative Adversarial Networks. Electronics, 13(11), 1977. https://doi.org/10.3390/electronics11131977
Silivery, "An Effective Deep Learning Based Multi-Class Classification of DoS and DDoS Attack Detection," Int. J. Electr. Comput. Eng. Syst., vol. 4, no. 14, pp. 421-431, 2023. DOI: 10.32985/ijeces.14.4.6.
J. Jyothi, Z. Wang, S. Addepalli, and R. Karri, "BRAIN: BehavioR Based Adaptive Intrusion Detection in Networks: Using Hardware Performance Counters to Detect DDoS Attacks," in Proceedings of the 2016 29th International Conference on VLSI Design and 2016 15th International Conference on Embedded Systems (VLSID), pp. 416-421, 2016. doi: 10.1109/vlsid.2016.115.
M. A. Al-Shareeda, S. Manickam, and M. A. Saare, "DDoS attacks detection using machine learning and deep learning techniques: analysis and comparison," IEEE Transactions on Network and Service Management, vol. 12, no. 2, pp. 930-939, Apr. 2023. ISSN: 2302-9285. DOI: 10.11591/eei.v12i2.4466.
T. Ulemale, "Review on Detection of DDOS Attack using Machine Learning," International Journal for Research in Applied Science & Engineering Technology (IJRASET), vol. 10, no. 3, pp. 764-764, Mar. 2022. ISSN: 2321-9653. Available: www.ijraset.com
J. Perez-Diaz, I. Valdovinos, K. Choo, D. Zhu, "A Flexible Sdn-based Architecture For Identifying and Mitigating Low-rate Ddos Attacks Using Machine Learning", IEEE Access, vol. 8, p. 155859-155872, 2020. https://doi.org/10.1109/access.2020.3019330
Reddy, A. ., & Waheeb , M. Q. . (2022). Enhanced Pre-Processing Based Cardiac Valve Block Detection Using Deep Learning Architectures. Research Journal of Computer Systems and Engineering, 3(1), 84–89. Retrieved from https://technicaljournals.org/RJCSE/index.php/journal/article/view/47
M. Arshi, M. D. Nasreen, and K. Madhavi, "A survey of DDoS attacks using machine learning techniques," in E3S Web of Conferences, vol. 184, p. 01052, EDP Sciences, 2020. DOI: 10.1051/e3sconf/202018401052.
S. Ali and Y. Li, "Learning Multilevel Auto-Encoders for DDoS Attack Detection in Smart Grid Network," IEEE Access, vol. 7, pp. 105174-105183, 2019.
DOI: 10.1109/ACCESS.2019.2933304.
F. A. Alhaidari, "New Approach to Determine DDoS Attack Patterns on SCADA System Using Machine Learning," in Proceedings of the 2019 5th International Conference on Control, Decision and Information Technologies (CoDIT), pp. 894-898, 2019.
DOI: 10.1109/CoDIT.2019.8820477.
F. Hussain, S. G. Abbas, M. Husnain, U. U. Fayyaz, F. Shahzad, and G. A. Shah, "IoT DoS and DDoS attack detection using ResNet," in 2020 IEEE 23rd International Multitopic Conference (INMIC), pp. 1-6, IEEE, 2020. DOI: 10.1109/INMIC50486.2020.9318216.
G. Sankara Rao et al., "Security Attacks DoS/DDoS attack Detection in Networks," NeuroQuantology, vol. 20, no. 11, pp. 8452-8463, Sep. 2022, doi: 10.48047/nq.2022.20.11.NQ66839.