Mitigating DDoS using weight‐based geographical clustering

Kongshavn, Madeleine Victoria; Haugerud, Hårek; Yazidi, Anis; Maseng, Torleiv; Hammer, Hugo Lewi

doi:10.1002/cpe.5679

Cited by 6 publications

(4 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The confusion matrices from figure 8, and figure 9, shows the test results of of preset 4 and preset 6 respectively, before performing manual feature selection with LIME 17 . Preset 6 showed slightly better benign accuracy than preset 4, but both models had trouble classifying the malicious traffic flows.…”

Section: Results After Feature Selection With Limementioning

confidence: 99%

“…IP addresses, although not always reliable to pinpoint exactly where a connection is based, provide the general geographical location such as country and city, unless the address is spoofed or hidden in layers of redirection. The authors of the article discussed here propose two novel methods for DDoS mitigation, specifically for HTTP flooding, based on hidden data structures in historical traffic [17]. The first method is A priori-based frequent networks (AFN), used to discover common known prefixes during training and relating it to unknown data later on.…”

Section: Data Mining and Density-based Geographical Clusteringmentioning

confidence: 99%

See 1 more Smart Citation

DoS and DDoS mitigation using Variational Autoencoders

et al. 2021

Self Cite

View full text Add to dashboard Cite

Section: Results After Feature Selection With Limementioning

confidence: 99%

Section: Data Mining and Density-based Geographical Clusteringmentioning

confidence: 99%

DoS and DDoS mitigation using Variational Autoencoders

et al. 2021

Self Cite

View full text Add to dashboard Cite

“…This document has a wealth of experimental data sets and has achieved good simulation results. Kongshavn et al [11] applied clustering techniques to diagnose distributed denial of service (DDoS) attacks. Use clustering techniques to create geographic clusters in areas that may contain legitimate traffic.…”

Section: Related Workmentioning

confidence: 99%

Traffic Anomaly Detection Method Based on Improved GRU and EFMS-Kmeans Clustering

Huo¹,

Cao²,

Wang³

et al. 2021

Computer Modeling in Engineering &Amp; Sciences

View full text Add to dashboard Cite

In recent years, with the continuous development of information technology and the rapid growth of network scale, network monitoring and management become more and more important. Network traffic is an important part of network state. In order to ensure the normal operation of the network, improve the availability of the network, find network faults in time and deal with network attacks; it is necessary to detect the abnormal traffic in the network. Abnormal traffic detection is of great significance in the actual network management. Therefore, in order to improve the accuracy and efficiency of network traffic anomaly detection, this paper proposes a comprehensive anomaly detection method based on improved GRU traffic prediction and improved K-means clustering, and cascade the traffic prediction and clustering to achieve the purpose of anomaly detection. Firstly, an improved highway-GRU algorithm HS-GRU (An improved Gate Recurrent Unit neural network based on Highway network and STL algorithm, HS-GRU) is proposed, which combines STL decomposition algorithm with highway GRU neural network and uses this improved algorithm to predict traffic. And then, we proposed the EFMS-Kmeans algorithm (An improved clustering algorithm that combined Mean Shift algorithm based on electrostatic force with K-means clustering) to solve the shortcoming of the traditional K-means clustering which cannot automatically determine the number of clustering. The sum of the squared errors (SSE) method and the contour coefficient method were used to double test the clustering effect. After determining the clustering center, the potential energy gradient was directly used for anomaly detection by using the threshold method, which considered the local characteristics of the data and ensured the accuracy of anomaly detection. The simulation results show that the anomaly detection algorithm based on HS-GRU and EFMS-Kmeans clustering proposed in this paper can effectively improve the accuracy of flow anomaly detection and has important application value.

show abstract

“…Algorithms, such as References 88 and 89, can be ported and utilized as part of the investigation procedure. Geo‐spatial correlation: admission requests from an attacker trying to gain access to multiple wallets can follow certain trends that may be detected using geospatial correlation. The literature has an arsenal of algorithms and mechanisms to detect such correlation including 90‐94 . This will lead to immunity against attacks resulting from identity thefts such as node impersonation 95 …”

Section: Permissionless Proof‐of‐reputation‐xmentioning

confidence: 99%

Permissionless proof‐of‐reputation‐X: A hybrid reputation‐based consensus algorithm for permissionless blockchains

Abdo

Sibai

Demerjian

2020

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Over the past years, blockchain technology has become more and more interesting since its ability to carry out transactions without any mediator. To ensure the transactions' reliability, consensus algorithms are adopted by blockchain technology. However, due to the failure of consensus algorithms in managing nodes' identities, blockchain technology is considered inappropriate for many applications. In this article, we propose the permissionless proof‐of‐reputation‐X (PL‐PoRX) that upgrades an existing consensus algorithm, the proof‐of‐reputation‐X (PoRX). PL‐PoRX replaces the trusted identity database in PoRX with a new admission process to make the algorithm suitable for permissionless blockchains, while maintaining PoRX's reputation mechanism. Several experiments are conducted to show the efficiency of our approach under different scenarios. We also debate the security model of the new protocol and study its time complexity. The results show that PL‐PoRX decreases the number of blocks issued by malicious miners, and help benign miners build reputation faster.

show abstract

Mitigating DDoS using weight‐based geographical clustering

Cited by 6 publications

References 46 publications

DoS and DDoS mitigation using Variational Autoencoders

DoS and DDoS mitigation using Variational Autoencoders

Traffic Anomaly Detection Method Based on Improved GRU and EFMS-Kmeans Clustering

Permissionless proof‐of‐reputation‐X: A hybrid reputation‐based consensus algorithm for permissionless blockchains

Contact Info

Product

Resources

About