Semi-Supervised K-Means DDoS Detection Method Using Hybrid Feature Selection Algorithm

Gu, Yuantao; Li, Kaiyue; Guo, Zhenyang; Wang, Yongfei

doi:10.1109/access.2019.2917532

Cited by 121 publications

(48 citation statements)

References 39 publications

(34 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…e Smart Detection system has reached high accuracy and low false-positive rate. Experiments were conducted using two Virtual Linux boxes, Define all the descriptor database variables as the current variables; (5) while True do (6) Split dataset in training and test partitions; (7) Create and train the model using training data partition; (8) Select the most important variables from the trained model; (9) Calculate the cumulative importance of variables from the trained model; (10) if max (cumulative importance of variables) < Variable importance threshold then (11) Exit loop; (12) end (13) Train the model using only the most important variables; (14) Test the trained model and calculate the accuracy; (15) if Calculated accuracy < Accuracy threshold then (16) Exit loop; (17) end (18) Add current model to optimized model set; (19) Define the most important variables from the trained model as the current variables; (20) end (21) end (22) Group the models by number of variables; (23) Remove outliers from the grouped model set; (24) Select the group of models with the highest frequency and their number of variables "N"; (25) Rank the variables by the mean of the importance calculated in step 7; (26) Return the "N" most important variables; [2004][2005] have been used by the researchers to evaluate the performance of their proposed intrusion detection and prevention approaches. However, many such datasets are out of date and unreliable to use [25].…”

Section: Resultsmentioning

confidence: 99%

“…is has led researchers to use autonomous solutions that can operate (detect and mitigate) based on the behavior and characteristics of the traffic. In this sense, the adoption of solutions with techniques based on artificial intelligence, mainly machine learning (ML), has been distinguished by offering high flexibility in the classification process, consequently improving the detection of malicious traffic [18,19]. e industrial sector offers DDoS protection as a service through large structures, usually operated by specialized providers [6] such as Akamai, Cloudflare, and Arbor Networks, which have large processing capacity and proprietary filtering mechanisms.…”

Section: Problem Statements Ddos Detection and Mitigationmentioning

confidence: 99%

See 1 more Smart Citation

Smart Detection: An Online Approach for DoS/DDoS Attack Detection Using Machine Learning

Filho

Silveira

Júnior

et al. 2019

Security and Communication Networks

180

View full text Add to dashboard Cite

Users and Internet service providers (ISPs) are constantly affected by denial-of-service (DoS) attacks. This cyber threat continues to grow even with the development of new protection technologies. Developing mechanisms to detect this threat is a current challenge in network security. This article presents a machine learning- (ML-) based DoS detection system. The proposed approach makes inferences based on signatures previously extracted from samples of network traffic. The experiments were performed using four modern benchmark datasets. The results show an online detection rate (DR) of attacks above 96%, with high precision (PREC) and low false alarm rate (FAR) using a sampling rate (SR) of 20% of network traffic.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Problem Statements Ddos Detection and Mitigationmentioning

confidence: 99%

Smart Detection: An Online Approach for DoS/DDoS Attack Detection Using Machine Learning

Filho

Silveira

Júnior

et al. 2019

Security and Communication Networks

180

View full text Add to dashboard Cite

show abstract

“…As can be seen in the work of [16] and [17], the use of the K-means algorithm presented a very high hit rate compared to other techniques. This algorithm will run in the Cloud (Fig.…”

Section: Fog Computing Architecturementioning

confidence: 94%

“…As shown in the article of [16], it was proposed a DDoS detection model with K-Means algorithm customization that compared to other works provided a higher rate of detection of anomalies, taking into account factors such as True Positive Rate, False Positive Rate and Recall Rate. In addition, is used the main Open Source Dataset (DARPA, CAIDA, CICIDS), as well as the real-world dataset to proposed benchmark.…”

Section: B Work Related To Security Issuesmentioning

confidence: 99%

A Fog Computing Architecture for Security and Quality of Service

Barreto¹,

de²,

Ribeiro

2019

Annals of Computer Science and Information Systems

View full text Add to dashboard Cite

The Fog Computing paradigm is an emerging architecture and focuses on optimizing resources for the Internet of Things environment, bringing to the Edge, Cloud's characteristics. The demand generated by the number of possible devices in this network attracts problems related to quality of service, security, among others, attracting researchers from the most diverse areas. In our work, in addition to performing a study on selected works in a mapping process, detecting trends in the use of Fog architectures. The main contribution is presented by a security-based Fog Computing architecture using QoS for scalable environments with Docker containers for orchestration and deployment of security with SDN.

show abstract

“…Furthermore, the adequacy of the result in the case of a complex cluster shapes is questionable (this model is proved to work fine with the ball-shaped clusters [6]). The result is sensitive to the outliers (standalone objects) [7,8] and depends on the chosen distance measure and the data normalization method. This model does not take into account the dissimilarity between the objects in different clusters, and the application of the k-means model results in some solution X 1 , .…”

Section: Problem Statementmentioning

confidence: 99%

Self-Adjusting Variable Neighborhood Search Algorithm for Near-Optimal k-Means Clustering

Kazakovtsev¹,

Rozhnov²,

Popov³

et al. 2020

Computation

View full text Add to dashboard Cite

The k-means problem is one of the most popular models in cluster analysis that minimizes the sum of the squared distances from clustered objects to the sought cluster centers (centroids). The simplicity of its algorithmic implementation encourages researchers to apply it in a variety of engineering and scientific branches. Nevertheless, the problem is proven to be NP-hard which makes exact algorithms inapplicable for large scale problems, and the simplest and most popular algorithms result in very poor values of the squared distances sum. If a problem must be solved within a limited time with the maximum accuracy, which would be difficult to improve using known methods without increasing computational costs, the variable neighborhood search (VNS) algorithms, which search in randomized neighborhoods formed by the application of greedy agglomerative procedures, are competitive. In this article, we investigate the influence of the most important parameter of such neighborhoods on the computational efficiency and propose a new VNS-based algorithm (solver), implemented on the graphics processing unit (GPU), which adjusts this parameter. Benchmarking on data sets composed of up to millions of objects demonstrates the advantage of the new algorithm in comparison with known local search algorithms, within a fixed time, allowing for online computation.

show abstract

Semi-Supervised K-Means DDoS Detection Method Using Hybrid Feature Selection Algorithm

Cited by 121 publications

References 39 publications

Smart Detection: An Online Approach for DoS/DDoS Attack Detection Using Machine Learning

Smart Detection: An Online Approach for DoS/DDoS Attack Detection Using Machine Learning

A Fog Computing Architecture for Security and Quality of Service

Self-Adjusting Variable Neighborhood Search Algorithm for Near-Optimal k-Means Clustering

Contact Info

Product

Resources

About