A Framework for Detecting Distributed Denial of Services Attack in Cloud Enviorment using Machine Learning Techniques
DOI:
https://doi.org/10.29070/hc5qzn85Keywords:
DDoS, Network Intrusion, Detection System, Ensemble machine learning systemAbstract
Distributed Denial of Service (DDoS) persists in Online Applications as One of those significant threats. Attackers can execute DDoS by the more natural steps. Then with the high productivity to slow the consumer access services down. To detect an attack on DDoS and using machine learning algorithms. The Overseen to detect and mitigate the attack, machine learning algorithms such as Naive Bayes, decision tree, k-nearest neighbours (k-NN) and random forest are used. There are three steps: gathering information, preprocessing and feature Extraction in "Normal or DDoS" classification algorithm for detection Attack use Dataset NSL-KDD. Similar algorithms have different functions Conduct that is dependent on the features selected. DDOS-attack performance Detection is compared, and it indicates the best algorithm.
Attempts at Distributed Denial of Service ( DDoS) Were the most powerful attacks of the last period. A Virtual Network. The intrusion detection system (NIDS) should be designed seamlessly to Fight the latest strategies and trends of those attackers NIDS on DDoS. In this paper, we propose an NIDS capable of detecting Current DDoS attacks, as well as new forms. The main characteristic of Our NIDS is the combination of various classifiers using an ensemble Models, with the concept of each classifier being able to target different Aspects/types of intrusions, and more effective in doing so Mechanism for protecting against new intrusions. Additionally, we perform a detailed study of and based on, DDoS attacks check the reduced set of functions [27, 28] to be essential to Enhance accuracy. We are playing with and analyzing NSL-KDD Dataset with a feature set reduced, and our proposed NIDS will Detect 99.1 per cent of active DDoS attacks. Let's compare our Tests with other methods which already exist. Our approach to NIDS has Able to learn to keep up with existing and evolving DDoS Attack trends.
References
Rao, N.S., Sekharaiah, K.C., Rao, A.A.: A survey of distributed denial-of-service (DDoS)defense techniques in ISP domains. In: Innovations in Computer Science and Engineering,p. 221–230. Springer, Singapore (2019)
Gupta, B.B., Joshi, R.C., Misra, M.: Distributed denial of service prevention techniques.rXiv preprint arXiv:1208.3557 (2012)
Rao, N.S., Sekharaiah, K.C., Rao, A.A.: A survey of discriminating distributed DoSattacksfrom flash crowds. In: International Conference on Smart Trends for InformationTechnology and Computer Communications, pp. 733–742. Springer, Singapore (2016)
https://phoenixnap.com/blog/cyber-security-attack-types874 I. Philo Prasanna and M. Suguna
Jing, X., Yan, Z., Jiang, X., Pedrycz, W.: Network traffic fusion and analysis against DDoSflooding attacks with a novel reversible sketch. Inf. Fusion 51, 100–113 (2019)
https://www.techopedia.com/definition/24748/cyberattack
https://medium.com/@aslam.ali9560/types-of-web-security-attack-496f4cee7212
https://www.imperva.com/learn/application-security/land-attacks/
https://en.wikipedia.org/wiki/Supervised_learning
https://machinelearningmastery.com/supervised-and-unsupervised-machine-learning-algorithms/
https://en.wikipedia.org/wiki/Reinforcement_learning
NSL-KDD—Datasets—Research—Canadian Institute for Cybersecurity—UNB (2017). http://www.unb.ca/cic/datasets/nsl.html
Dhanabal, L., Shantharajah, S.P.: A study on NSL-KDD dataset for intrusion detectionsystem based on classification algorithms. Int. J. Adv. Res. Comput. Commun. Eng. 4(6),46–452 (2015)
Osanaiye, O., Cai, H., Choo, K.-K.R., Dehghantanha, A., Xu, Z., Dlodlo, M.: Ensemblebasedmulti-filter feature selection method for DDoS detection in cloud computing.EURASIP J. Wirel. Commun.Netw. 2016(1), 130 (2016)
Revathi, S., Malathi, A.: A detailed analysis on NSL-KDD dataset using various machine learning techniques for intrusion detection. Int. J. Eng. Res. Technol. (IJERT) 2(12), 1848–1853 (2013)
Illy, P., Kaddoum, G., Moreira, C.M., Kaur, K., Garg, S.: Securing fog-to-thingsenvironment using intrusion detection system based on ensemble learning. arXiv preprintarXiv:1901.10933 (2019)
Shamshirband, S., Anuar, N.B., Laiha, M., Kiah, M., Misra, S.: Anomaly detection usingfuzzy Q-learning algorithm. ActaPolytech. Hung. 11(8), 5–28 (2014)
Zekri, M., El Kafhali, S., Aboutabit, N., Saadi. Y.: DDoS attack detection using machinelearning techniques in cloud computing environments. In: 2017 3rd International Conferenceof Cloud Computing Technologies and Applications (CloudTech), pp. 1–7. IEEE (2017)
Nathiya, T., Suseendran, G.: An effective way of cloud intrusion detection system usingdecision tree, support vector machine and Naïve bayes algorithm. Int. J. Recent.Technol. Eng. (IJRTE) 7(4S2), 38–43 (2018)
Larose, D.T., Larose, C.D.: K-nearest neighbor algorithm. In: Discovering Knowledge inData: An Introduction to Data Mining, 2nd edn., pp. 149–164. Wiley (2014)
This work is licensed under a 