Comprehensive Study of Various Techniques for Detecting DDoS Attacks in Cloud Environment

Singh, Navdeep; Hans, Abhinav; Kumar, K. S. Kavi; Birdi, Mohit Pal Singh

doi:10.14257/ijgdc.2015.8.3.12

Cited by 6 publications

(4 citation statements)

References 10 publications

(10 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Much research has been dedicated to DDoS attack-detection technology. Soft computing or artificial-intelligence methods are widely used in attack-detection [4]. Depending on the analysis method, DDoS detection methods can be classified into the three types of misuse, anomaly-based, and hybrid detection.…”

Section: Related Researchmentioning

confidence: 99%

See 1 more Smart Citation

Flow Correlation Degree Optimization Driven Random Forest for Detecting DDoS Attacks in Cloud Computing

Cheng¹,

Tang

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

Distributed denial-of-service (DDoS) has caused major damage to cloud computing, and the false- and missing-alarm rates of existing DDoS attack-detection methods are relatively high in cloud environment. In this paper, we propose a DDoS attack-detection method with enhanced random forest (RF) optimized by genetic algorithm based on flow correlation degree (FCD) feature. We define the FCD feature according to the asymmetric and semidirectivity interaction characteristics and use the two-tuples FCD feature consisting of packet-statistical degree (PSD) and semidirectivity interaction abnormality (SDIA) to describe the features of attack flow and normal flow. Then we use a genetic algorithm based on the FCD feature sequences to optimize two key parameters of the decision tree in the RF: the maximum number of decision trees and the maximum depth of every single decision tree. We apply the trained RF model with optimized parameters to generate the classifier to be used for DDoS attack-detection. The experiment shows that the proposed method can effectively detect DDoS attacks in cloud environment with a higher accuracy rate and lower false- and missing-alarm rates compared to existing DDoS attack-detection methods.

show abstract

Section: Related Researchmentioning

confidence: 99%

“…In this paper, the Gini coefficient is selected as the quantitative evaluation criterion of the single-decision tree division, as specified in formula (4). In this equation, represents the sample space of samples and categories, and represents the proportion of the samples of the entire sample.…”

Section: Random Forestmentioning

confidence: 99%

Flow Correlation Degree Optimization Driven Random Forest for Detecting DDoS Attacks in Cloud Computing

Cheng¹,

Tang

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…Average (µ) and Standard deviation (δ) are calculated for every normal access and attack on x and y attributes used (2) and (3). Formula (1) is used to calculate the likelihood of Incoming IP address (IIP) normal and attack.…”

Section: E Apply Gaussian Naive Bayes Methodsmentioning

confidence: 99%

DDoS Attacks Classification using Numeric Attribute-based Gaussian Naive Bayes

Fadlil¹,

Riadi²,

Aji³

2017

ijacsa

View full text Add to dashboard Cite

Abstract-Cyber attacks by sending large data packets that deplete computer network service resources by using multiple computers when attacking are called Distributed Denial of Service (DDoS) attacks. Total Data Packet and important information in the form of log files sent by the attacker can be observed and captured through the port mirroring of the computer network service. The classification system is required to distinguish network traffic into two conditions, first normal condition, and second attack condition. The Gaussian Naive Bayes classification is one of the methods that can be used to process numeric attribute as input and determine two decisions of access that occur on the computer network service that is "normal" access or access under "attack" by DDoS as output. This research was conducted in Ahmad Dahlan University Networking Laboratory (ADUNL) for 60 minutes with the result of classification of 8 IP Address with normal access and 6 IP Address with DDoS attack access.

show abstract

“…Moreover, the performance of the detection schemes depends on how well it is operated and tested on all network protocols. Nowadays, Soft Computing or Artificial Intelligence-based methods are applied extensively for the attack detection (Singh, Hans, Kumar, & Singh, 2015). On the basis of analysis methods, detection approaches are classified into Signature-based, Anomaly-based and Hybrid detection (Agarwal & Mittal, 2012;Wu & Yen, 2009) as described in Figure 4.…”

Section: Approachesmentioning

confidence: 99%

A review of detection approaches for distributed denial of service attacks

Kaur

Kumar

Bhandari

2017

Systems Science & Control Engineering

View full text Add to dashboard Cite

Distributed Denial of Service (DDoS) attacks are the intimidation trials on the Internet that depletes the network bandwidth or exhausts the victim's resources. Researchers have introduced various defense mechanisms (such as attack prevention, traceback, reaction, detection, and characterization) against DDoS attacks, but such attacks are still growing year by year, and the ideal solutions of this problem are eluded so far. In the past, various signature-based and anomaly-based approaches were introduced for the detection of DDoS attacks, but only a few of them have focused on the nature of anomalies. Most of the detection approaches do not provide efficient real-time detection with high detection rate and low faux pas. In this paper, a classification of detection approaches against DDoS attacks has been presented with an aim to go deep insight into the DDoS problem for the beginners in this research area. The detection approaches have been explained along with their pluses and minuses. Further, this review paper includes the different functional classes to which the detection approaches belong to. In the end, a comparison of signature-based, anomaly-based and hybrid detection approaches is depicted in tabular form. ARTICLE HISTORY

show abstract

Comprehensive Study of Various Techniques for Detecting DDoS Attacks in Cloud Environment

Cited by 6 publications

References 10 publications

Flow Correlation Degree Optimization Driven Random Forest for Detecting DDoS Attacks in Cloud Computing

Flow Correlation Degree Optimization Driven Random Forest for Detecting DDoS Attacks in Cloud Computing

DDoS Attacks Classification using Numeric Attribute-based Gaussian Naive Bayes

A review of detection approaches for distributed denial of service attacks

Contact Info

Product

Resources

About