Machine Learning-Based Distributed Denial of Services (DDoS) Attack Detection in Intelligent Information Systems

Wadee Alhalabi, Akshat Gaurav, Varsha Arya, Ikhlas Fuad Zamzami, Rania Anwar Aboalela
Copyright: © 2023 | Pages: 17
DOI: 10.4018/IJSWIS.327280

Abstract

The danger of distributed denial of service (DDoS) attacks has grown in tandem with the proliferation of intelligent information systems. Because of the sheer volume of connected devices, constantly shifting network circumstances, and the need for instantaneous reaction, conventional DDoS detection methods are inadequate for the IoT. In this context, this study surveys the current state of the art by reading relevant articles found in the Scopus database, gives a brief overview of the IoT and DDoS, and examines neural networks and their applicability to DDoS detection. Finally, a decision tree-based model is developed for the detection of DDoS attacks. The analysis sheds light on the present trends and issues in this field and suggests avenues for further study.

Introduction

Distributed Denial of Service (DDoS) attacks are designed to overwhelm a network with malicious traffic (Kamaljeet Kaur & Parveen Kakkar, n.d.; Q. Zhang et al., 2023; Cvitić et al., 2021). DDoS attacks are a significant threat to web-based applications and networks. Lau et al. (n.d.) describe the methods and techniques used in DDoS attacks and list possible defenses. Salim et al. (2019) comprehensively survey DDoS attacks from IoT devices to the cloud environment, including attack methods, tools, and state-of-the-art defense measures. Bhuyan et al. (2013) discuss the two types of DDoS attack architectures: the Agent-Handler architecture and the Internet Relay Chat (IRC)-based architecture. Patil et al. (2021) present a comprehensive review of existing distributed frameworks for detecting DDoS attacks and characterize several existing distributed processing frameworks to select an appropriate one for deploying DDoS attack detection mechanisms.

DDoS is a severe attack that crashes many servers, blocks network traffic, and drastically reduces network speed. Researchers have applied various technologies, such as Machine Learning, Deep Learning, Blockchain, and Cyber Security, to handling DDoS attacks. Securing data in an IoT network is challenging due to its decentralized nature and because data is shared among millions of devices (Varalakshmi et al., 2021; Stergiou et al., 2021; A. Singh & Gupta, 2022). Machine Learning is a powerful tool for detecting DoS/DDoS attacks. Different machine learning techniques have been used to detect DoS/DDoS attacks, such as supervised, unsupervised, and deep learning. The accuracy of the detection of DoS/DDoS attacks can be improved by combining different machine learning techniques (Verma & Kumar, 2021; B. B. Gupta et al., 2009; Z. Zhang et al., 2017). DDoS attack detection is a challenging task in cloud computing. Artificial Intelligence (AI) based approaches can be used to detect DDoS attacks in cloud computing. Comprehensive reviews of existing DDoS attack detection methods are needed to improve the security of cloud computing (R. Devi & N. Umamaheswari, n.d.; Dahiya & Gupta, 2021; Kumar et al., 2021; Wahab et al., 2017). Feature selection is an important factor in improving the accuracy of ML-based solutions for detecting DDoS attacks. Different datasets such as KDD, UNSW-NB15, and others can affect the accuracy of ML. Several feature engineering strategies can be chosen to improve ML solutions on DDoS attacks (Faiz et al., 2022).
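
To make the feature-selection point concrete, the following added example (not the paper's model, data or code) ranks flow features by information gain and grows a small decision tree from them. The three feature names, the flow records and their labels are assumptions constructed for illustration.

```python
import math
from collections import Counter

# Constructed flow records (assumed features; not from the paper or a dataset).
FEATURES = ["pkts_per_sec", "distinct_src_ips", "syn_ratio"]
B, A = "benign", "attack"
FLOWS = [
    ((120, 8, 0.10), B), ((300, 15, 0.12), B), ((90, 5, 0.08), B), ((400, 20, 0.09), B),
    ((16000, 6500, 0.11), B),  # flash crowd: high rate, normal SYN share
    ((200, 3, 0.91), B), ((150, 2, 0.94), B),  # monitoring probes: SYN-heavy, low rate
    ((15000, 5200, 0.95), A), ((22000, 8000, 0.97), A), ((18000, 6100, 0.92), A),
    ((11000, 5000, 0.90), A), ((25000, 7000, 0.96), A), ((30000, 9000, 0.93), A),
    ((13000, 10, 0.99), A),
]

def entropy(labels):
    n = len(labels)
    return -sum(c / n * math.log2(c / n) for c in Counter(labels).values())

def best_split(rows, feat):
    """Return (information gain, threshold) of the best cut on one feature."""
    base, best = entropy([y for _, y in rows]), (0.0, None)
    values = sorted({x[feat] for x, _ in rows})
    for t in ((lo + hi) / 2 for lo, hi in zip(values, values[1:])):
        sides = [[y for x, y in rows if x[feat] <= t], [y for x, y in rows if x[feat] > t]]
        gain = base - sum(len(s) * entropy(s) for s in sides) / len(rows)
        if gain > best[0]:
            best = (gain, t)
    return best

def rank_features(rows):
    """Feature names ordered by the gain of their best single cut."""
    gains = {name: best_split(rows, i)[0] for i, name in enumerate(FEATURES)}
    return sorted(gains, key=gains.get, reverse=True)

def build_tree(rows, depth):
    """Leaf = label string; node = (feature index, threshold, left, right)."""
    cuts = [(*best_split(rows, i), i) for i in range(len(FEATURES))]
    _, t, feat = max(cuts, key=lambda c: c[0])
    if depth == 0 or t is None:  # depth budget spent, or no cut improves purity
        return Counter(y for _, y in rows).most_common(1)[0][0]
    left = [r for r in rows if r[0][feat] <= t]
    right = [r for r in rows if r[0][feat] > t]
    return (feat, t, build_tree(left, depth - 1), build_tree(right, depth - 1))

def classify(tree, x):
    while isinstance(tree, tuple):
        feat, t, left, right = tree
        tree = left if x[feat] <= t else right
    return tree
```

On this constructed sample, `build_tree(FLOWS, 1)` cuts only on packet rate and labels the flash crowd as an attack, while `build_tree(FLOWS, 2)` adds a SYN-ratio cut that clears it without flagging the SYN-heavy monitoring probes.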

The consequences of a DDoS attack are varied and can affect multiple stakeholders (Abbas et al., 2021; Wassan et al., 2022; Mishra et al., 2021). Somani et al. (2016) argue that in cloud computing, collateral damage to non-targets can include performance interference, web service performance, resource race, indirect EDoS, service downtime, and business losses. Maciel et al. (2018) propose hierarchical models to assess the impact of a DDoS attack on computer systems, including the likelihood of an attack, attacker benefits, feasibility, the pain factor, and the propensity of the offense. Abhishta et al. (2017) analyze the impact of DDoS attack announcements on victim stock prices and find a significant negative impact in cases where the attack creates an interruption in services. Hurst et al. (2015) focus on predicting the effects of DDoS attacks on a network of critical infrastructures and demonstrate a technique for assessing the future impact of disruptions on an integrated critical infrastructure network. Overall, the papers suggest that the consequences of a DDoS attack can be significant and wide-ranging, affecting not only the target but also other stakeholders and potentially causing financial losses.
