Advancing Cybersecurity: A Machine Learning Framework for Detecting Distributed Denial of Service (DDoS) Attacks

Aman Anand; Prof. Manish Kumar Singhal

doi:10.32628/IJSRST25121154

Authors

Aman Anand M. tech Scholar, Department of Information Technology (IT), NRI Institute of Information Science and Technology, Bhopal, Madhya Pradesh, India Author
Prof. Manish Kumar Singhal Associate Professor & H.O.D, NRI Institute of Information Science and Technology, Bhopal, Madhya Pradesh, India Author

DOI:

https://doi.org/10.32628/IJSRST25121154

Keywords:

Distributed denial of service (DDoS), Attack Detection, Machine Learning, Neural Network, ANN Approach, MATLAB, 5G Network

Abstract

This paper explores the nature of threats posed by Distributed Denial of Service (DDoS) attacks on large networks, such as the Internet, emphasizing the need for effective detection and response mechanisms. These mechanisms must be implemented not only at the network edge but also within its core. The paper introduces methods to detect DDoS attacks by analyzing entropy and frequency-sorted distributions of specific packet attributes. Anomalies in these attributes' characteristics serve as indicators of potential DDoS attacks. The proposed methods are evaluated for detection accuracy and performance using live traffic traces collected from diverse network environments, including core Internet nodes and edge networks. Results demonstrate the effectiveness of these methods against current DDoS attacks and provide insights into improving detection capabilities for more sophisticated, stealthier threats. Additionally, the paper describes a detection-response prototype and discusses how the detection system can be extended to support effective response decision-making.

Downloads

Download data is not yet available.

References

P. Arun Raj Kumar, S. Selvakumar “Distributed denial of service attack detection using an ensemble of neural classifier” Volume 34, Issue 11, 15 July 2011, Pages 1328-1341. DOI: https://doi.org/10.1016/j.comcom.2011.01.012

Sura Abdulmunem Mohammed Al-Juboori, Firas Hazzaa1 , Zinah Sattar Jabbar, Sinan Salih2 , Hassan Muwafaq Gheni ―Man-in-the-middle and denial of service attacks detection using machine learning algorithms‖ Vol. 12, No. 1, February 2023, pp. 418~426. DOI: https://doi.org/10.11591/eei.v12i1.4555

Mustafa S. Ibrahim Alsumaidaie Khattab M. Ali Alheeti 1 , Abdul Kareem Alaloosy ―Intelligent Detection of Distributed Denial of Service Attacks: A Supervised Machine Learning and Ensemble Approach‖ March 2023.

Guşatu, Marian, and Ruxandra F. Olimid. "Improved security solutions for DDoS mitigation in 5G Multi-access Edge Computing." In International Conference on Information Technology and Communications Security, pp. 286-295. Springer, Cham, 2022. DOI: https://doi.org/10.1007/978-3-031-17510-7_19

Kim, Ye-Eun, Yea-Sul Kim, and Hwankuk Kim. "Effective Feature Selection Methods to Detect IoT DDoS Attack in 5G Core Network." Sensors 22, no. 10 (2022): 3819. DOI: https://doi.org/10.3390/s22103819

Al-Shareeda, Mahmood A., and Selvakumar Manickam. "MSR-DoS: Modular Square Root-based Scheme to Resist Denial of Service (DoS) Attacks in 5G-enabled Vehicular Networks." IEEE Access (2022). DOI: https://doi.org/10.1109/ACCESS.2022.3222488

Gao, Qinghang, Hao Wang, Liyong Wan, Jianmao Xiao, and Long Wang. "G/M/1- Based DDoS Attack Mitigation in 5G Ultradense Cellular Networks." Wireless Communications and Mobile Computing 2022 (2022). DOI: https://doi.org/10.1155/2022/4282859

Dr. D.Ganesh, Dr.K.Suresh, Dr.M.Sunil Kumar ―Improving Security in Edge Computing by using Cognitive Trust Management Model‖ 2022. DOI: https://doi.org/10.1109/ICECAA55415.2022.9936568

Ling Hou , Mark A. Gregory And Shuo Li ―Multi-Access Edge Computing and Vehicular Networking‖ 21 November 2022. DOI: https://doi.org/10.1109/ACCESS.2022.3224032

Khan, Md Sajid, Behnam Farzaneh, Nashid Shahriar, NiloySaha, and Raouf Boutaba. "SliceSecure: Impact and Detection of DoS/DDoS Attacks on 5G Network Slices.(2021)". DOI: https://doi.org/10.1109/FNWF55208.2022.00117

Alamri, Hassan A., VijeyThayananthan, and Javad Yazdani. "Machine Learning for Securing SDN based 5G network." Int. J. Comput. Appl 174, no. 14 (2021): 9-16. DOI: https://doi.org/10.5120/ijca2021921027

Sakib Shahriar Shafin, Sakir Adnan Prottoy , Saif Abbas , Safayat Bin Hakim, Abdullahi Chowdhury , and Md. Mamunur Rashid ―Distributed Denial of Service Attack Detectionusing Machine Learning and Class Oversampling‖ 2021. 60

Amit V Kachavimath, Shubhangeni Vijay Nazare and Sheetal S Akki ―Distributed Denial of Service Attack Detection using Naïve Bayes and K-Nearest Neighbor for Network Forensics‖ 2020. DOI: https://doi.org/10.1109/ICIMIA48430.2020.9074929

Kim, Youngsoo, Jong Geun Park, and Jong-Hoon Lee. "Security threats in 5G edge computing environments." In 2020 International Conference on Information and Communication Technology Convergence (ICTC), pp. 905-907. IEEE, 2020. DOI: https://doi.org/10.1109/ICTC49870.2020.9289521

Ferhat Ozgur Cataka, and Ahmet Fatih Mustacoglub ―Distributed denial of service attack detection using autoencoder and deep neural networks‖ 2019.

Animesh Gupta ―Distributed Denial of Service Attack Detection Using a Machine Learning Approach‖ 2018.

Moudoud, Hajar, Lyes Khoukhi, and Soumaya Cherkaoui. "Prediction and detection of fdia and ddos attacks in 5g enabled iot." IEEE Network 35, no. 2 (2020): 194-201. DOI: https://doi.org/10.1109/MNET.011.2000449

Sharafaldin, Iman, Arash Habibi Lashkari, Saqib Hakak, and Ali A. Ghorbani. "Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy." In 2019 International Carnahan Conference on Security Technology (ICCST), pp. 1-8. IEEE, 2019. DOI: https://doi.org/10.1109/CCST.2019.8888419

Ni, Jianbing, Xiaodong Lin, and Xuemin Sherman Shen. "Efficient and secure serviceoriented authentication supporting network slicing for 5G-enabled IoT." IEEE Journal on Selected Areas in Communications 36, no. 3 (2018): 644-657. DOI: https://doi.org/10.1109/JSAC.2018.2815418

Li, Dong, Chang Yu, Qizhao Zhou, and Junqing Yu. "Using SVM to detect DDoS attack in SDN network." In IOP Conference Series: Materials Science and Engineering, vol. 466, no. 1, p. 012003. IOP Publishing, 2018. DOI: https://doi.org/10.1088/1757-899X/466/1/012003

Larijani, Hadi, Jawad Ahmad, and Nhamoinesu Mtetwa. "A novel random neural network based approach for intrusion detection systems." In 2018 10th Computer Science and Electronic Engineering (CEEC), pp. 50-55. IEEE, 2018. DOI: https://doi.org/10.1109/CEEC.2018.8674228

Adrien Bonguet and Martine Bellaiche ―A Survey of Denial-of-Service and Distributed Denial of Service Attacks and Defenses in Cloud Computing‖ 5 August 2017. DOI: https://doi.org/10.3390/fi9030043

Zhao, S., Li, W., Zia, T., & Zomaya, A. Y. (2017, November). A dimension reduction model and classifier for anomaly-based intrusion detection in internet of things. In 2017 IEEE 15th Intl Conf on Dependable, Autonomic and Secure Computing, 15th Intl Conf on Pervasive Intelligence and Computing, 3rd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress (pp. 836-843). IEEE. DOI: https://doi.org/10.1109/DASC-PICom-DataCom-CyberSciTec.2017.141

Boro, Debojit, and Dhruba K. Bhattacharyya. "DyProSD: a dynamic protocol specific defense for high-rate DDoS flooding attacks." Microsystem Technologies 23 (2017): 593-611. DOI: https://doi.org/10.1007/s00542-016-2978-0

Azhagiri, M. "HIDDEN CONDITIONAL RANDOM FIELDS FOR INTRUSION DETECTION SYSTEM USING LAYERED APPROACH."

Mangaleswaran, M. "Layered Approach for Intrusion Detection System Using Hidden Conditional Random Fields." (2017).

Zantedeschi, Valentina, Maria-Irina Nicolae, and Ambrish Rawat. "Efficient defenses against adversarial attacks." In Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, pp. 39-49. 2017. DOI: https://doi.org/10.1145/3128572.3140449

Boro, Debojit, Himant Basumatary, Tribeni Goswami, and Dhruba K. Bhattacharyya. "UDP flooding attack detection using information metric measure." In Proceedings of International Conference on ICT for Sustainable Development: ICT4SD 2015 Volume 1, pp. 143-153. Springer Singapore, 2016. DOI: https://doi.org/10.1007/978-981-10-0129-1_16

Timotheou, Stelios. "Fast Non-Negative Least-Squares Learning in the Random Neural Network." Probability in the Engineering and Informational Sciences 30, no. 3 (2016): 379-402. DOI: https://doi.org/10.1017/S0269964816000061

Papernot, Nicolas, Patrick McDaniel, Arunesh Sinha, and Michael Wellman. "Towards the science of security and privacy in machine learning." arXiv preprint arXiv:1611.03814 (2016).