A transparent and scalable anomaly-based DoS detection method

Joldzic, Ognjen; Djuric, Zoran; Vuletić, Pavle

doi:10.1016/j.comnet.2016.05.004

Cited by 35 publications

(21 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To be more specific, IDSs are widely deployed in various distributed systems, perceiving the malicious intrusions and then taking rapid countermeasures to prevent further infections and spread. In general, IDSs can be classified into two major categories based on detection mechanisms: anomaly and misuse detection [42].…”

Section: Introductionmentioning

confidence: 99%

Building an efficient intrusion detection system based on feature selection and ensemble classifier

et al. 2020

View full text Add to dashboard Cite

A B S T R A C T Intrusion detection system (IDS) is one of extensively used techniques in a network topology to safeguard the integrity and availability of sensitive assets in the protected systems. Although many supervised and unsupervised learning approaches from the field of machine learning have been used to increase the efficacy of IDSs, it is still a problem for existing intrusion detection algorithms to achieve good performance. First, lots of redundant and irrelevant data in high-dimensional datasets interfere with the classification process of an IDS. Second, an individual classifier may not perform well in the detection of each type of attacks. Third, many models are built for stale datasets, making them less adaptable for novel attacks. Thus, we propose a new intrusion detection framework in this paper, and this framework is based on the feature selection and ensemble learning techniques. In the first step, a heuristic algorithm called CFS-BA is proposed for dimensionality reduction, which selects the optimal subset based on the correlation between features. Then, we introduce an ensemble approach that combines C4.5, Random Forest (RF), and Forest by Penalizing Attributes (Forest PA) algorithms. Finally, voting technique is used to combine the probability distributions of the base learners for attack recognition. The experimental results, using NSL-KDD, AWID, and CIC-IDS2017 datasets, reveal that the proposed CFS-BA-Ensemble method is able to exhibit better performance than other related and state of the art approaches under several metrics.

show abstract

Section: Introductionmentioning

confidence: 99%

Building an efficient intrusion detection system based on feature selection and ensemble classifier

et al. 2020

View full text Add to dashboard Cite

show abstract

“…This proposed system also addresses the problem of data shifts. In [40], the authors proposed a system that distributes the trac load among various trac processors for scalability. In [41], a detection and mitigation architecture is proposed.…”

Section: Sdn Basedmentioning

confidence: 99%

Distributed denial of service attack detection in cloud computing using hybrid extreme learning machine

Kushwah¹,

Ranga²

2021

Turk J Elec Eng & Comp Sci

View full text Add to dashboard Cite

One of the major security challenges in cloud computing is Distributed denial of service (DDoS) attacks. In these attacks, multiple nodes are used to attack the cloud by sending a large number of requests. This results in the unavailability of cloud services to legitimate users. In this research paper, a hybrid machine learning-based technique has been proposed which is a combination of extreme learning machine (ELM) model and blackhole optimization algorithm. The proposed technique is used to implement a DDoS attack detection system for cloud computing. Various experiments have been performed with the help of four benchmark datasets namely, NSL KDD, ISCX IDS 2012, CICIDS2017, and CICDDoS2019, to evaluate the performance of our proposed technique. It achieves an accuracy of 99.23%, 92.19%, 99.50%, 99.80% with NSL KDD, ISCX IDS 2012, CICIDS2017, and CICDDoS2019, respectively. The performance comparison with other techniques based on ELM, ANN trained with blackhole optimization, backpropagation ANN, and other state-of-the-art techniques is also performed.

show abstract

“…The main benefit of their system is that the effective identification and the detection of malware attacks. Joldzic et al (2016) presented a solution which is distributed and scalable for detecting the lower level DoS attacks which are affecting the regular services of network.…”

Section: Work On Cloud Securitymentioning

confidence: 99%

“…Authors did not use any soft computing approaches for making effective decisions over cluster head selection and attacks. In cloud security, Joldzic et al (2016) presented a solution for detecting the DoS attacks. Even though, they did not achieve best detection accuracy even concentrate with single attack.…”

Section: Comparative Analysismentioning

confidence: 99%

Intelligent Intrusion Detection Techniques for Secure Communications in Wireless Networks: A Survey

Prabha

Jeyanthi

2018

IJAIP

View full text Add to dashboard Cite

A transparent and scalable anomaly-based DoS detection method

Cited by 35 publications

References 14 publications

Building an efficient intrusion detection system based on feature selection and ensemble classifier

Building an efficient intrusion detection system based on feature selection and ensemble classifier

Distributed denial of service attack detection in cloud computing using hybrid extreme learning machine

Intelligent Intrusion Detection Techniques for Secure Communications in Wireless Networks: A Survey

Contact Info

Product

Resources

About