Detection of DDoS Attacks in OpenStack-based Private Cloud Using Apache Spark

Gumaste, Shweta; Narayan, D. G.; Shinde, Sumedha; Amit, Kumar

doi:10.26636/jtit.2020.146120

Cited by 18 publications

(10 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“… Attack traffic: Hadoop cluster:01+02 (IP and port)” 20-40 nodes (Namenode+Datanodes) Patil et al [ 41 ] “Source and dest. CAIDA07, MIT-DDoS98 Hadoop cluster: 01+03 (IP and port)” (Namenode+Datanodes) Gumaste et al [ 42 ] “Source and dest. Captured flows Open-stack based testbed IP”, “Protocol” 01+01+03 (Controller+ neutron+compute nodes) Patil et al [ 43 ] “Source IP”, “Timestamp”, Synthetic data 02 nodes Hadoop cluster “Destination IP” 03 nodes Spark Streaming cluster Ahmed et al [ 44 ] “Source and dest.…”

Section: Related Workmentioning

confidence: 99%

KS-DDoS: Kafka streams-based classification approach for DDoS attacks

2022

View full text Add to dashboard Cite

A distributed denial of service (DDoS) attack is the most destructive threat for internet-based systems and their resources. It stops the execution of victims by transferring large numbers of network traces. Due to this, legitimate users experience a delay while accessing internet-based systems and their resources. Even a short delay in responses leads to a massive financial loss. Numerous techniques have been proposed to protect internet-based systems from various kinds of DDoS attacks. However, the frequency and strength of attacks are increasing year-after-year. This paper proposes a novel Apache Kafka Streams-based distributed classification approach named KS-DDoS. For this classification approach, firstly, we design distributed classification models on the Hadoop cluster using highly scalable machine learning algorithms by fetching data from Hadoop distributed files system (HDFS). Secondly, we deploy an efficient distributed classification model on the Kafka Stream cluster to classify incoming network traces into nine classes in real-time. Further, this distributed classification approach stores highly discriminative features with predicted outcomes into HDFS for creating/updating models using a new set of instances. We implemented a distributed processing framework-based experimental environment to design, deploy, and validate the proposed classification approach for DDoS attacks. The results show that the proposed distributed KS-DDoS classification approach efficiently classifies incoming network traces with at least 80% classification accuracy.

show abstract

Section: Related Workmentioning

confidence: 99%

KS-DDoS: Kafka streams-based classification approach for DDoS attacks

2022

View full text Add to dashboard Cite

show abstract

“…Moreover, a laboratory-based testbed with a Floodlight controller was deployed to generate a dataset for testing the model and achieved an accuracy of 98.88%. The authors in [22] explored the RF, decision tree, and logistic regression methods to detect DDoS in two datasets: KDD Cup 99 dataset and their own generated real-time dataset. The RF technique provided the best performance with an accuracy of 99.21% and a FPR of 0.3%.…”

Section: A Existing Workmentioning

confidence: 99%

SDN-Based Architecture for Transport and Application Layer DDoS Attack Detection by Using Machine and Deep Learning

2021

View full text Add to dashboard Cite

Distributed Denial of Service (DDoS) attacks represent the most common and critical attacks targeting conventional and new generation networks, such as the Internet of Things (IoT), cloud computing, and fifth-generation (5G) communication networks. In recent years, DDoS attacks have become not only massive but also sophisticated. Software-Defined Networking (SDN) technology has demonstrated effectiveness in counter-measuring complex attacks since it provides flexibility on global network monitoring and inline network configuration. Although several works have been proposed to detect DDoS attacks, in most of them the authors did not use up-to-date datasets that contain the newest threats. Furthermore, only a few previous works assessed their solutions using simulated scenarios, easing the migration to production networks. This document presents the implementation of a modular and flexible SDN-based architecture to detect transport and application layer DDoS attacks using multiple Machine Learning (ML) and Deep Learning (DL) models. Exploring diverse ML/DL methods allowed us to resolve which methods perform better under different attack types and conditions. We tested the ML/DL models using two up-to-date security datasets, and they showed accuracy above 99% on classifying unseen traffic (testing set). We also deployed a simulated environment using the network emulator Mininet and the Open Network Operating System (ONOS) SDN controller. In this experimental setup, we demonstrated high detection rates, above 98% for transport DDoS attacks and up to 95% for application-layer DDoS attacks.INDEX TERMS Software Defined Networking, deep learning, machine learning, DDoS attack, transport layer, application layer, slow-rate attacks.

show abstract

“…However, it would be more appropriate to use a real traffic dataset rather than a synthetic dataset. Gumaste et al [130] proposed a detection approach on the OpenStack platform within the private cloud environment. The authors designed Spark as a service for ondemand provisioning of clusters.…”

Section: A Ddos Defense Systems Based On ML Techniques In Cloud Compmentioning

confidence: 99%

“…Spark provides a small processing delay in contrast to Hadoop, and it is faster than Hadoop MapReduce [160]. Several related works employed the Spark framework to mitigate DDoS attacks [130], [160]- [164]; however, Spark does not support file management systems, which raises the need to integrate with other platforms. Another challenge is that memory becomes a bottleneck when dealing with a large amount of data.…”

Section: H Distributed Processing Of Ddos Attacks Using Hadoop and Smentioning

confidence: 99%

Machine Learning Approaches for Combating Distributed Denial of Service Attacks in Modern Networking Environments

Aljuhani

2021

IEEE Access

View full text Add to dashboard Cite

Detection of DDoS Attacks in OpenStack-based Private Cloud Using Apache Spark

Cited by 18 publications

References 15 publications

KS-DDoS: Kafka streams-based classification approach for DDoS attacks

KS-DDoS: Kafka streams-based classification approach for DDoS attacks

SDN-Based Architecture for Transport and Application Layer DDoS Attack Detection by Using Machine and Deep Learning

Machine Learning Approaches for Combating Distributed Denial of Service Attacks in Modern Networking Environments

Contact Info

Product

Resources

About