Is low‐rate distributed denial of service a great threat to the Internet?

Chen, Ming; Chen, Jing; Wei, Xianglin; Chen, Bing

doi:10.1049/ise2.12031

Cited by 6 publications

(5 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Low-rate Distributed Denial of Service (LDDoS) attacks have become a significant threat to network security due to their ability to evade traditional DDoS detection techniques [16]. LDDoS attacks operate at low traffic rates, which can go undetected by traditional detection methods.…”

Section: Related Workmentioning

confidence: 99%

Real-time Detection of Low-Rate DDoS Attacks in SDN-based Networks using Online Machine Learning Model

Alashhab,

Zahid,

Abdullahi

et al. 2023

Preprint

View full text Add to dashboard Cite

Software Defined Networks (SDN) provide rapid configuration, scalability, and management through a dynamic, programmable architecture that surpasses traditional network limitations. However, detecting Distributed Denial of Service (DDoS) attacks remains challenging, threatening both traditional and SDN-based networks. Machine Learning (ML) and Deep Learning (DL) technologies in conjunction with SDN have shown significant potential in effectively countering these threats. Prior studies primarily addressed high-rate DDoS attacks, neglecting low-rate DDoS attacks that resemble legitimate traffic, and often using outdated datasets. While researchers employ various offline learning algorithms to identify DDoS attacks, online learning classifiers remain underexplored. Our goal is to offer an intrusion detection model tailored to SDN networks, using the online passive-aggressive classifier. The proposed model achieves a 99.7% average detection rate for normal vs. DDoS network traffic, outperforming similar models on multiple datasets, including (CICDDoS2019, and InSDN. slow-read-DDoS), effectively detecting and mitigating DDoS attacks.

show abstract

Section: Related Workmentioning

confidence: 99%

Real-time Detection of Low-Rate DDoS Attacks in SDN-based Networks using Online Machine Learning Model

Alashhab,

Zahid,

Abdullahi

et al. 2023

Preprint

View full text Add to dashboard Cite

show abstract

“…On the basis of DDoS attacks, LDDoS attacks control puppet machine periodically sends small pulse traffic to the target host at a lower sending rate. When all pulses reach the target at the same time, they converge into a huge impact traffic to realize the attack [54]. Random network link failure may be caused by link disconnection, routing failure, wireless signal weakness and other factors.…”

Section: The Necessity Of Mptcp Security Researchmentioning

confidence: 99%

Focus on Multipath TCP: Introduction, Benefits and Future Research Trends

Ji¹,

Ji²,

Wu³

et al. 2021

ReBICTE

View full text Add to dashboard Cite

With the rapid development of mobile video technology and the increasing demand for online videoapplications, people have higher demands on the transmission performance and user experience ofreal-time Internet applications such as video. Multipath transmission is considered as an ideal solutionto improve video transmission performance and user experience quality in wireless networkenvironment. In recent years, the academic research on multipath transmission protocol focuses ondata scheduling, energy consumption optimization, fairness, congestion control and so on, but theresearch on network security is insufficient, especially the research on the anti-damage analysis androbustness optimization of multipath transmission. Based on a comprehensive analysis of the latestresearch trends, this paper makes a beneficial exploration of the future development of end-to-endmultipath transmission over the Internet based on Multipath TCP (MPTCP).

show abstract

“…LDoS attacks differ from traditional Distributed Denial of Service (DDoS) attack in three ways: (1) These attacks have the same characteristics as legitimate network traffic, making them highly concealed and challenging to detect. (2) The average traffic rate is significantly low and the number of sent packets is extremely small; consequently, these attacks are challenging to detect with traditional mechanisms.…”

Section: Introductionmentioning

confidence: 99%

“…(3) LDoS attack utilises TCP/IP protocol's three-way handshake mechanism where control measures look normal; however, this can reduce the quality of service [1,2]. LDoS attack is categorized into Quality of Services (QoS), SRA, and Service-Queue attacks based on the damage to the protocols [3].…”

Section: Introductionmentioning

confidence: 99%

Light-Weight Slow-Rate Attack Detection Framework for Resource-Constrained Industrial Cyber-Physical Systems

Zahid,

Kuo,

Sinha

2023

Preprint

View full text Add to dashboard Cite

Industrial Cyber-Physical Systems (ICPS) are heterogenous computer systems interacting withphysical processes in an industrial environment. The high degree of distribution and interconnectedness poses significant security threats to ICPS, including Slow−Rate Attacks (SRA ). SRA often exploit system vulnerabilities arising from the inherent limitations of resource-constrained ICPS computers like programmable logic controller (PLC). Existing literature identify several challenges in detecting and classifying SRA in resource-constrained ICPS. In this article, we propose an optimised Online Sequential−Extreme Learning Machine (OSELM)-based, novel light-weight active security framework for SRA detection. We reduce the memory and space footprint of OSELM through optimisation techniques for deployment in resource-constrained ICPS. Also, we introduce a simple stratified k-fold cross training method to improve the binary and multi-class SRA- detection capability of the proposed framework, focusing on performance and accuracy of attack detection. Experimental results demonstrate that our proposed framework can effectively and efficiently detect binary and multi-class SRA with an accuracy of 0.975 and 0.96 with average detection times of 0.03 and 0.04 sec, respectively, using less than 3 MB of memory and 10-12% of CPU usage in PLC-based ICPS.

show abstract

Is low‐rate distributed denial of service a great threat to the Internet?

Cited by 6 publications

References 26 publications

Real-time Detection of Low-Rate DDoS Attacks in SDN-based Networks using Online Machine Learning Model

Real-time Detection of Low-Rate DDoS Attacks in SDN-based Networks using Online Machine Learning Model

Focus on Multipath TCP: Introduction, Benefits and Future Research Trends

Light-Weight Slow-Rate Attack Detection Framework for Resource-Constrained Industrial Cyber-Physical Systems

Contact Info

Product

Resources

About