International Journal of Computer Science & Network Security

국제컴퓨터통신보호논문지학회 (International Journal of Computer Science & Network Security)
권호 표지
DOI QR코드

DOI QR Code

A DDoS attack Mitigation in IoT Communications Using Machine Learning

  • 투고 : 2024.04.05
  • 발행 : 2024.04.30
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

Through the growth of the fifth-generation networks and artificial intelligence technologies, new threats and challenges have appeared to wireless communication system, especially in cybersecurity. And IoT networks are gradually attractive stages for introduction of DDoS attacks due to integral frailer security and resource-constrained nature of IoT devices. This paper emphases on detecting DDoS attack in wireless networks by categorizing inward network packets on the transport layer as either "abnormal" or "normal" using the integration of machine learning algorithms knowledge-based system. In this paper, deep learning algorithms and CNN were autonomously trained for mitigating DDoS attacks. This paper lays importance on misuse based DDOS attacks which comprise TCP SYN-Flood and ICMP flood. The researcher uses CICIDS2017 and NSL-KDD dataset in training and testing the algorithms (model) while the experimentation phase. accuracy score is used to measure the classification performance of the four algorithms. the results display that the 99.93 performance is recorded.

키워드

과제정보

The authors would like to express their deep thanks to Dr. John Mike for his valuable advice.

참고문헌

  1. Shirazi, "Evaluation of anomaly detection techniques for scada communication resilience," IEEE Resilience Week, 2016. 
  2. N. Mirai, "mirai-botnet," 2016. [Online]. Available: https://www.cyber.nj.gov/threat-profiles/botnetvariants/mirai-botnet. [Accessed 31 December 2019]. 
  3. H. Zhou, B. Liu and D. Wang, "Design and research of urban intelligent transportation system based on the Internet of Things," Internet of Things, pp. 572-580, 2012. 
  4. S. Lim, S. Yang and Y. Kim, "Controller scheduling for continued SDN operation under DDoS attacks," Electronic Letter, pp. 1259-1261, 2015. 
  5. A. Buck and E. Govan, "A survey of data mining and machine learning methods for cyber security intrusion detection," IEEE Communications Surveys & Tutorials, vol. 18.2, 2016. 
  6. P. Baldi, "Autoencoders, Unsupervised Learning, and Deep Architectures," Proceedings of ICML works hop nuns supervised transfer learning, 2012. 
  7. R. Doshi, N. Althorp and N. Feemster, "Machine Learning DDoS Detection for Consumer Internet of Things Devices," IEEE Deep Learning and Security Workshop, 2018. 
  8. Q. Yan, F. Yu and Q. Gong, "Software defined networking and Distributed denial of service attacks in cloud computing environments," IEEE Communications Survey & Tutorial, no. 18, pp. 602-622, 2016. 
  9. N. Z. Bawany, J. A. Shamsi and K. Salah, "DDoS Attack Detection and Mitigation Using SDN," Arabian Journal for Science & Engineering, no. 2, pp. 1-19, 2017. 
  10. B. Kang and H. Choo, "An SDN-enhanced load-balancing technique in the cloud system[J].," Journal of Supercomputing, pp. 1-24, 2016. 
  11. O. Saniya and D. M. Choo, "Distributed denial of service (DDOS) resilience in cloud," Journal of Network & Computer Applications, pp. 147-165, 2016. 
  12. H. Luo, Z. Chen and J. Li, "Preventing Distributed Denial-of-Service Flooding Attacks with Dynamic Path Identifiers[J]," IEEE Transactions on Information Forensics & Security, pp. 1801-1815, 2017. 
  13. U. Dick and T. Schiffer, "Learning to control a structured-prediction decoder for detection of HTTP-layer DDOS attackers," in Machine Learning, 2016, pp. 1-26. 
  14. Z. Gao and N. Ansari, "Differentiating Malicious DDoS Attack Traffic from Normal TCP Flows by Proactive Tests[J]," Communications Letters IEEE, pp. 793-795, 2006. 
  15. K. Briceno, A. Rurality and A. Gurov, "Detecting the Origin of DDoS Attacks in OpenStack Cloud Platform Using Data Mining Techniques[M]// Internet of Things," Smart Spaces, and Next Generation Networks and Systems, 2016. 
  16. N. Hoque, D. Bhattacharyya and J. Kavita, "Botnet in DDoS Attacks: Trends and Challenges[J]," IEEE Communications Surveys & Tutorials, pp. 1-1, 2015. 
  17. A. Saeed, R. E. Overbill and T. Ridzik, "Detection of known and unknown DDOS attacks using Artificial Neural Networks," Neurocomputing, pp. 385-393, 2016. 
  18. S. Rama nauseate, N. Geranin and A. Cents, "Modelling influence of Botnet features on effectiveness of DDoS attacks[J]," Security & Communication Networks, pp. 2090-2101, 2015. 
  19. C. Barghini, M. J. Kavita, S. Singh and D. K. Bhattacharyya, "Anomaly based DDoS attack detection," International Journal of Computer Applications, pp. 35-40, 2015. 
  20. A. Aggarwal and A. Gupta, "Survey on data mining and IP traceback technique in DDos attack," International Journal of Engineering and computer science, vol. 4(6), pp. 12595-12598, 2015. 
  21. G. Naima and M. Hemal Atha, "Effective approach towards intrusion detection system using data mining technique," Egyptian Informatics Journal, vol. 15(1), pp. 37-50, 2014.  https://doi.org/10.1016/j.eij.2013.10.003
  22. Y. A. Mahmood, "Autoencoder-based feature learning for cybersecurity applications," International Joint Conference on Neural Networks (IJCNN), 2017. 
  23. S. Yadav and S. Subramanian, "Detection of Application Layer DDoS attack by feature learning using Stacked Auto Encoder," International Conference on Computational (ICCTICT), 2016. 
  24. A. Fischer and C. Ige, "An introduction to restricted Boltzmann machines. In Libero American congress on pattern recognition," Springer, Berlin, Heidelberg, pp. 14-36, 2012. 
  25. V. G. Rydin and G. Volcano, "An expectation maximization method to estimate a rank-based," 2017. 
  26. D. Ferrierite, "Extreme Dimensionality Reduction for Network Attack Visualization with Autoencoders," (IJCNN), 2019. 
  27. I. Sharfuddin, A. H. Lashkar, S. Haka and A. Ghobadi, "Developing Realistic Distributed Denial of Service (DDoS) Attack Dataset and Taxonomy," International caravan conference on security (ICCST). IEEE, pp. 1-8, 2019. 
  28. Y. Maidan, M. Bandana, Y. Mathur, Y. Mirsky and Shabtai, "Network based detection of iot botnet attacks using deep autoencoders," IEEE Pervasive Computing, pp. 12-22, 17(3). 
  29. C. Elkan, "Using the triangle inequality to accelerate k-means," ICML-03, pp. 147-153, 2003. 
  30. R. Bhatia, S. Benno, J. Esteban, T. V. Lakshman and J. Grogan, "Unsupervised machine learning for network-centric anomaly detection in IoT.," in the 3rd ACM CoNEXT Workshop on Big DAta, Machine Learning and Artificial Intelligence for Data Communication Networks.