Tytuł artykułu
Treść / Zawartość
Pełne teksty:
Identyfikatory
Warianty tytułu
Języki publikacji
Abstrakty
Security is a critical concern for cloud service providers. Distributed denial of service (DDoS) attacks are the most frequent of all cloud security threats, and the consequences of damage caused by DDoS are very serious. Thus, the design of an efficient DDoS detection system plays an important role in monitoring suspicious activity in the cloud. Real-time detection mechanisms operating in cloud environments and relying on machine learning algorithms and distributed processing are an important research issue. In this work, we propose a real-time detection of DDoS attacks using machine learning classifiers on a distributed processing platform. We evaluate the DDoS detection mechanism in an OpenStack-based cloud testbed using the Apache Spark framework. We compare the classification performance using benchmark and real-time cloud datasets. Results of the experiments reveal that the random forest method offers better classifier accuracy. Furthermore, we demonstrate the effectiveness of the proposed distributed approach in terms of training and detection time.
Słowa kluczowe
Rocznik
Tom
Strony
62--71
Opis fizyczny
Bibliogr. 21 poz., rys., tab.
Twórcy
autor
- School of Computer Science and Engineering, KLE Technological University, Hubballi, Karnataka, India
autor
- School of Computer Science and Engineering, KLE Technological University, Hubballi, Karnataka, India
autor
- School of Computer Science and Engineering, KLE Technological University, Hubballi, Karnataka, India
autor
- School of Computer Science and Engineering, KLE Technological University, Hubballi, Karnataka, India
Bibliografia
- [1] S. Dong, K. Abbas, and R. Jain, „A survey on distributed denial of service (DDoS) attacks in SDN and cloud computing environments", IEEE Access, vol. 7, pp. 80813-80828, 2019 (DOI: 10.1109/ACCESS.2019.2922196).
- [2] N. Agrawal and S. Tapaswi, „Defense mechanisms against DDoS attacks in a cloud computing environment: state-of-the-art and research challenges", IEEE Commun. Surv. & Tutor., vol. 21, no. 4, pp. 3769-3795, 2019 (DOI: 10.1109/COMST.2019.2934468).
- [3] M. Zekri, S. E. Kafhali, N. Aboutabit, and Y. Saadi, „DDoS attaca detection using machine learning techniques in cloud computing environments", in Proc. 3rd Int. Conf. of Cloud Comput. Technol. And Appl. CloudTech 2017, Rabat, Morocco, 2017, pp. 1-7 (DOI: 10.1109/CloudTech.2017.8284731).
- [4] C. N. Modi, D. R. Patel, A. Patel, and M. Rajarajan, „Integrating signature apriori based network intrusion detection system (NIDS) in cloud computing", Procedia Technol., vol. 6, pp. 905-912, 2012 (DOI: 10.1016/j.protcy.2012.10.110).
- [5] A. S. Syed Navaz, V. Sangeetha, and C. Prabhadevi, „Entropy based anomaly detection system to prevent DDoS attacks in cloud", Int. J. of Comp. Appl., vol. 42, no. 15, pp. 42-47, 2013 [Online]. Available: https://arxiv.org/ftp/arxiv/papers/1308/1308.6745.pdf
- [6] R. Karimazad and A. Faraahi, „An anomaly-based method for DDoS attacks detection using RBF neural networks", in Proc. of Int. Conf. on Netw. and Electron. Engin. IPCSIT 2011, vol. 11 [Online]. Available: http://ipcsit.com/vol11/9-ICNEE2011-N019.pdf
- [7] A. Zarrabi and A. Zarrabi, „Internet intrusion detection system service in a cloud", Int. J. of Comp. Sci. Issues, vol. 9, iss. 5, no. 2, pp. 308-315, 2012 [Online]. Available: http://citeseerx.ist.psu.edu/viewdoc/download;jsessionid=1F3769647FE79FC6E52BFD98BF7C503C?doi=10.1.1.401.7096&rep=rep1&type=pdf
- [8] H. Gajjar and Z. Malek, „A survey of intrusion detection system (IDS) using OpenStack private cloud", in Proc. 4th World Conf. on Smart Trends in Syst., Secur. and Sustainab. WorldS4 2020, London, United Kingdom, 2020, pp. 162-168 (DOI: 10.1109/WorldS450073.2020.9210313).
- [9] J. Choi, C. Choi, B. Ko, D. Choi, and P. Kim, „Detecting Web based DDoS attack using MapReduce operations in cloud computing environment", J. of Internet Serv. and Inform. Secur., vol. 3, no. 3/4, pp. 28-37, 2013 [Online]. Available: http://isyou.info/jisis/vol3/no34/jisis-2013-vol3-no34-03.pdf
- [10] M. Mizukoshi and M. Munetomo, „Distributed denial of services attack protection system with genetic algorithms on Hadoop luster computing framework", in Proc. of IEEE Congr. on Evolut. Comput. CEC 2015, Sendai, Japan, 2015, pp. 1575-1580 (DOI: 10.1109/CEC.2015.7257075).
- [11] A. Alsirhani, S. Sampalli, and P. Bodorik, „DDoS attack detection system: utilizing classification algorithms with Apache Spark", In Proc. 9th IFIP Int. Conf. on New Technol., Mobil. and Secur. NTMS 2018, Paris, France, 2018, pp. 1-7 (DOI: 10.1109/NTMS.2018.8328686).
- [12] O. Osanaiye et al., „Ensemble-based multi-filter feature selection method for DDoS detection in cloud computing", EURASIP J. on Wirel. Commun. and Network., vol. 2016, article no. 130, 2016 (DOI: 10.1186/s13638-016-0623-3).
- [13] A. Bhatia, „Faster detection and prediction of DDoS attacks Rusing MapReduce and time series analysis", in Proc. Int. Conf. on Inform. Network. ICOIN 2018, Chiang Mai, Thailand, 2018, pp. 556-561 (DOI: 10.1109/ICOIN.2018.8343180).
- [14] S. Hameed and U. Ali, „HADEC: Hadoop-based live DDoS detection framework", EURASIP J. on Inform. Secur., vol. 2018, article no. 11, 2018 (DOI: 10.1186/s13635-018-0081-z).
- [15] A. Sharma, C. Agrawal, A. Singh, and K. Kumar, „Real-time DDoS detection based on entropy using Hadoop framework", in Computing in Engineering and Technology. Proceedings of ICCET 2019, B. Iyer, P. S. Deshpande, S. C. Sharma, and U. Shiurkar, Eds. AISC, vol. 1025, pp. 297-305. Springer, 2019 (DOI: 10.1007/978-981-32-9515-5 28).
- [16] C. Wang, T. T. Miu, X. Luo, and J. Wang, „Skyshield: a sketch-based defense system against application layer DDoS attacks", IEEE Trans. on Inform. Forensics and Secur., vol. 13, no. 3, pp. 559-573, 2018 (DOI: 10.1109/TIFS.2017.2758754).
- [17] S. Behal, K. Kumar, and M. Sachdeva, „D-FACE: an anomaly based distributed approach for early detection of DDoS attacks and Ash events", J. of Netw. Comp. Appl., vol. 111, pp. 49-63, 2018 (DOI: 10.1016/j.jnca.2018.03.024).
- [18] K. B. Virupakshar, Narayan D. G., and P. S. Hiremath, „Detection of DDoS attacks in software defined networks", in Proc. of 3rd Int. Conf. on Computat. Sys. and Inform. Technol. for Sustain. Solut. CSITSS 2018, Bengaluru, India, 2018, pp. 265-270 (DOI: 10.1109/CSITSS.2018.8768551).
- [19] K. B. Virupakshar et al., „Distributed denial of service (DDoS) attacks detection system for OpenStack-based private cloud", Procedia Comp. Sci., vol. 167, pp. 2297-2307, 2020 (DOI: 10.1016/j.procs.2020.03.282).
- [20] OpenStack [Online]. Available: https://www.OpenStack.org/
- [21] Apache Spark [Online]. Available: https://spark.apache.org
Uwagi
Opracowanie rekordu ze środków MNiSW, umowa Nr 461252 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2021).
Typ dokumentu
Bibliografia
Identyfikator YADDA
bwmeta1.element.baztech-0c696d40-9737-4859-ae70-2232832e273b