Application-Layer DDOS Detection Based on a One-Class Support Vector Machine

She, Chuyu; Wen, Weisong; Lin, Zaihua; Zheng, Kesong

doi:10.5121/ijnsa.2017.9102

Cited by 13 publications

(2 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…When comparing the performance of our E2G with papers that cite and use the N-BaIoT dataset, our RF and DT E2G models outperformed the models in articles from [25]- [29] by showing close to 100% detection rates. Next, when compared with the standard host-based [18]- [20] and networkdeployed [21]- [23] approaches (from Section II-C), users can benefit more when they use our E2G models because of their standalone, offline attack detection capabilities that protect devices even when connected to dubious networks by mistake.…”

Section: F Comparing E2g Results With Other Methodsmentioning

confidence: 99%

See 1 more Smart Citation

Edge2Guard: Botnet Attacks Detecting Offline Models for Resource-Constrained IoT Devices

Sudharsan

Sundaram

Patel

et al. 2021

2021 IEEE International Conference on Pervasive Computing and Communications Workshops and Other Affiliated Events (PerCom Work

View full text Add to dashboard Cite

In today's IoT smart environments, dozens of MCUbased connected device types exist such as HVAC controllers, smart meters, smoke detectors, etc. The security conditions for these essential IoT devices remain unsatisfactory since: (i) many of them are built with cost as the driving design tenet, resulting in poor configurations and open design; (ii) their memory and computational resource constraints make it highly challenging to implement practical attack protection mechanisms; and (iii) currently, manufacturers use simplified light protocol versions to save memory for extra features (to boost sales). When such issues and vulnerabilities are exploited, devices can be compromised and converted into bots whereby severe DDoS attacks can be launched by a botmaster. Such tiny devices are safe only when connected to networks with defense mechanisms installed in their networking devices like routers and switches, which might not be present everywhere, e.g. on public/free Wi-Fi networks. To safeguard tiny IoT devices from cyberattacks, we provide resource-friendly standalone attack detection models termed Edge2Guard (E2G) that enable MCU-based IoT devices to instantly detect IoT attacks without depending on networks or any external protection mechanisms. During evaluation, our top-performing E2G models detected and classified ten types of Mirai and Bashlite malware with close to 100% detection rates.

show abstract

Section: F Comparing E2g Results With Other Methodsmentioning

confidence: 99%

“…A wide variety of ML algorithms are available to detect attacks in IoT environments. Article [25] presents an OC-SVM detection mechanism for application-layer DDoS attacks. Honeypots [26] detect botnet DDoS attacks by capturing device malware installation attempts using unsupervised methods.…”

Section: ML Techniques To Detect Botnetsmentioning

confidence: 99%

Edge2Guard: Botnet Attacks Detecting Offline Models for Resource-Constrained IoT Devices

Sudharsan

Sundaram

Patel

et al. 2021

2021 IEEE International Conference on Pervasive Computing and Communications Workshops and Other Affiliated Events (PerCom Work

View full text Add to dashboard Cite

show abstract

Trends in Application of Machine Learning to Network-Based Intrusion Detection Systems

Hrabovsky

Segeč

Moravčík

et al. 2018

Communications in Computer and Information Science

View full text Add to dashboard Cite

Real-time big data processing for anomaly detection: A Survey

Habeeb¹,

Nasaruddin²,

Gani³

et al. 2019

International Journal of Information Management

309

View full text Add to dashboard Cite

The advent of connected devices and omnipresence of Internet have paved way for intruders to attack networks, which leads to cyber-attack, financial loss, information theft in healthcare, and cyber war. Hence, network security analytics has become an important area of concern and has gained intensive attention among researchers, off late, specifically in the domain of anomaly detection in network, which is considered crucial for network security. However, preliminary investigations have revealed that the existing approaches to detect anomalies in network are not effective enough, particularly to detect them in real time. The reason for the inefficacy of current approaches is mainly due the amassment of massive volumes of data though the connected devices. Therefore, it is crucial to propose a framework that effectively handles real time big data processing and detect anomalies in networks. In this regard, this paper attempts to address the issue of detecting anomalies in real time. Respectively, this paper has surveyed the state-of-the-art real-time big data processing technologies related to anomaly detection and the vital characteristics of associated machine learning algorithms. This paper begins with the explanation of essential contexts and taxonomy of real-time big data processing, anomalous detection, and machine learning algorithms, followed by the review of big data processing technologies. Finally, the identified research challenges of real-time big data processing in anomaly detection are discussed.

show abstract

Application-Layer DDOS Detection Based on a One-Class Support Vector Machine

Cited by 13 publications

References 22 publications

Edge2Guard: Botnet Attacks Detecting Offline Models for Resource-Constrained IoT Devices

Edge2Guard: Botnet Attacks Detecting Offline Models for Resource-Constrained IoT Devices

Trends in Application of Machine Learning to Network-Based Intrusion Detection Systems

Real-time big data processing for anomaly detection: A Survey

Contact Info

Product

Resources

About