A DRDoS Detection and Defense Method Based on Deep Forest in the Big Data Environment

Authors: Ruomeng Xu, Jieren Cheng, Fengkai Wang, Xiangyan Tang, Jinying Xu

DOI: 10.1007/978-3-030-05234-8_21

Abstract: Distributed denial-of-service (DDoS) has developed multiple variants, one of which is distributed reflective (DRDoS). Within the increasing number Internet-of-Things (IoT) devices, threat DRDoS attack growing, and damage a more destructive than other types. Many existing methods for cannot generalize early detection, leads to heavy load or degradation service when deployed at final point. In this paper, we propose detection defense method based on deep forest model (DDDF), then integrate differentiated into filter out flow. Firstly, from statistics perspective different stages flow in big data environment, extract host-based index (HDTI) network Secondly, using HDTI feature build forest, consists 5 estimators each layer. Lastly, procedure applies result DDDF drop identified points. Theoretical analysis experiments show that proposed can effectively identify with higher rate lower false alarm rate, also shows distinguishing ability eliminate flow, dramatically reduce attack.
