Abstract: In recent years there is a growing number of attacks in the computer networks. Therefore, the use of a prevention mechanism is an inevitable need for security admins. Although firewalls are preferred as the first layer of protection, they are not sufficient for preventing lots of the attacks, especially the insider attacks. Intrusion Detection Systems (IDSs) have emerged as an effective solution to these types of attacks. For increasing the efficiency of the IDS system, a dynamic solution, which can adapt it…
“…The final dataset contains over 150,000 data points. This dataset comprises 7853 DoS attack testing results and 53,385 DoS attack training results [190]. The dataset is available for free download at [191] in flow-based format.…”
In recent times, distributed denial of service (DDoS) has been one of the most prevalent security threats in internet-enabled networks, with many internet of things (IoT) devices having been exploited to carry out attacks. Due to their inherent security flaws, the attacks seek to deplete the resources of the target network by flooding it with numerous spoofed requests from a distributed system. Research studies have demonstrated that a DDoS attack has a considerable impact on the target network resources and can result in an extended operational outage if not detected. The detection of DDoS attacks has been approached using a variety of methods. In this paper, a comprehensive survey of the methods used for DDoS attack detection on selected internet-enabled networks is presented. This survey aimed to provide a concise introductory reference for early researchers in the development and application of attack detection methodologies in IoT-based applications. Unlike other studies, a wide variety of methods, ranging from the traditional methods to machine and deep learning methods, were covered. These methods were classified based on their nature of operation, investigated as to their strengths and weaknesses, and then examined via several research studies which made use of each approach. In addition, attack scenarios and detection studies in emerging networks such as the internet of drones, routing protocol based IoT, and named data networking were also covered. Furthermore, technical challenges in each research study were identified. Finally, some remarks for enhancing the research studies were provided, and potential directions for future research were highlighted.
“…Intrusion detection is a widely researched subject in literature (Özgür & Erdem 2012, Sahingoz 2019). In our example problem, an intrusion detection classifier should be decided for a resource constrained environment, such as a micro-controller with a low RAM and less powerful CPU environment.…”
Section: Decision Analysis and Resolution (Dar): Intrusion Detection mentioning
Digitalization, Industry 4.0 and Internet of things (IoT) have become more popular in recent years. Most of these systems depend on micro-controllers and sensors. These micro-controllers and sensors are mostly cheap, low RAM and low CPU systems; thus, they are resource constrained environments. In this study, a supervised learning classifier comparison technique suitable for resource constrained environments is proposed. This technique, Decision Analysis and Resolution (DAR), originated in the domain of Software Engineering. First, DAR is explained using an example of a car buying scenario. Then 11 off-the-shelf classifiers are compared using DAR for low RAM and less powerful CPU environments in an intrusion detection scenario. This scenario is simulated on the well-known KDD99 intrusion detection dataset. All the experiments are realized using the Python scikit-learn package. According to the experiments, the Decision Tree classifier is the most suitable to implement for resource constrained environments, with a small lead. Results for the other three classifiers (Bagging, Multi Layer Perceptron, Random Forest) are also very similar. To aid the reproducibility of the experiments, the whole source code of the study is provided in the popular open source repository https://github.com/atiozgur/classifier-comparison-using-DAR.