Distributed Denial of Service Detection using Multi Layered Feed Forward Artificial Neural Network

Full Text (PDF, 748KB), PP.29-35

Views: 0 Downloads: 0

Author(s)

Ismaila Idris 1,* Obi Blessing Fabian 1 Shafii M. Abdulhamid 1 Morufu Olalere 1 Baba Meshach 1

1. Department of Cyber Security, Federal University of Technology, Minna, Nigeria

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2017.12.04

Received: 20 Jun. 2017 / Revised: 26 Jul. 2017 / Accepted: 10 Aug. 2017 / Published: 8 Dec. 2017

Index Terms

DDoS attacks, DDoS detectors, Artificial Neural Network, Feed Forward Artificial Neural Network

Abstract

One of the dangers faced by various organizations and institutions operating in the cyberspace is Distributed Denial of Service (DDoS) attacks; it is carried out through the internet. It resultant consequences are that it slow down internet services, makes it unavailable, and sometime destroy the systems. Most of the services it affects are online applications and procedures, system and network performance, emails and other system resources. The aim of this work is to detect and classify DDoS attack traffics and normal traffics using multi layered feed forward (FFANN) technique as a tool to develop model. The input parameters used for training the model are: service count, duration, protocol bit, destination byte, and source byte, while the output parameters are DDoS attack traffic or normal traffic. KDD99 dataset was used for the experiment. After the experiment the following results were gotten, 100% precision, 100% specificity rate, 100% classified rate, 99.97% sensitivity. The detection rate is 99.98%, error rate is 0.0179%, and inconclusive rate is 0%. The results above showed that the accuracy rate of the model in detecting DDoS attack is high when compared with that of the related works which recorded detection accuracy as 98%, sensitivity 96%, specificity 100% and precision 100%.

Cite This Paper

Ismaila Idris, Obi Blessing Fabian, Shafi’i M. Abdulhamid, Morufu Olalere, Baba Meshach, "Distributed Denial of Service Detection using Multi Layered Feed Forward Artificial Neural Network", International Journal of Computer Network and Information Security(IJCNIS), Vol.9, No.12, pp.29-35, 2017. DOI:10.5815/ijcnis.2017.12.04

Reference

[1]Jie-Hao C.; Feng-Jiao C., Z. (2012). "DDoS defense system with test and neural network,."in: Proceedings of the IEEE International Conference on Granular Computing (GrC), Hangzhou, China pp.38 - 43.
[2]Li J.; Liu Y.; Gu L. (2010). "DDoS attack detection based on neural network,." in: Proceedings of the 2nd International Symposium on Aware Computing (ISAC), Tainan: pp. 196–199.
[3]Akilandeswari V.; Shalinie S.M. (2012). "Probabilistic neural network based attack traffic classification." in: Proceedings of the Fourth International Conference on Advanced Computing (ICoAC), Chennai: pp. 1- 8.
[4]Gupta B.B., Misra M., (2011). "ANN based scheme to predict number of zombies in a DDoS attack." international Journal on network security 13(3):pp. 216–225.
[5]Yu S., R.Doss and W.Jia, (2011). "Traceback of DDoS attacks using entropy variations.", IEEE Trans. Parallel Distrib. Syst 22(3): pp. 412–425.
[6]Gaikwad, A. P. (2015). "Comparative analysis of the Prevention Techniques of Denial of Service Attacks in wireless Sensor Network." International Conference on Intelligent Computing, Communication & Convergence 48 pp.387 – 393.
[7]Prakasha, A. Sri M. S., T .Sai Bhargava and N. Bhalajia (2016). "Detection and Mitigation of Denial of Service Attacks Using Stratified Architecture." 4th International Conference on Recent Trends in Computer Science & Engineering 87: pp. 27 – 280.
[8]Andrew M., Carlin H. O. A. (2015). "Defence for Distributed Denial of Service Attacks in Cloud Computing." The International Conference on Advanced Wireless, Information, and Communication Technologies 73: pp. 490 – 497.
[9]Beekman, G. J. (2016). "A Denial of Service attack against fair computations using Bitcoin deposits." pp.144–146.
[10]Alan Saied, R. Tomasz Radzik O. (2016). "Detection of known and unknown DDoS attacks using Artificial Neural Networks." pp.385–393.
[11]Zubair A.Baig, S. M. S., and Abdul Rahman Shaheen (2013)."GMDH - based networks for intelligent intrusion detection." pp. 1731–1740.
[12]Rui André Oliveira, N. L. M. V. (2015). "Assessing the security of web service frameworks agains Denial of Service attacks." pp. 109: 18–31.
[13]Stavros N. Shiaeles, V. K., Alexandros S. Karakos, Basil K. Papadopoulos (2012). "Real time DDoS detection using fuzzy estimators." 31
[14]Karanpreet Singh, P. S. (2016). "A systematic review of IP trace back schemes for denial of service attacks." computers & s e c u r i t y 56:pp. 111–139.
[15]Ping Yi, T. Z., Qingquan Zhang, Yue Wua and Li Pan (2016). "Puppet attack: A denial of service attack in advanced metering infrastructure network." pp.325–332.
[16]Opeyemi Osanaiye, K. (2016). "Distributed denial of service (DDoS) resilience in cloud: Review and conceptual cloud DDoS mitigation framework." 67:pp. 147–165.
[17]Alomari, E. B. Ga. S. K. (2012). "Botnet-based distributed denial of service (DDoS) attacks on webservers." classification and art Int. J. Comput. Appl. 47(9): pp.24–32.
[18]Munivara K. Prasad, A. (2014). "DoS and DDoS Attacks: Defense, Detection and Trace back Mechanisms -A Survey." Global Journal of Computer Science and Technology: E Network, Web & Security 14(7).
[19]Abdulhamid S. M., Abd Latiff M. S., H. Chiroma, O. Osho, G. Abdul-Salaam, A. I. Abubakar, and T. Herawan
(2017), "A Review on Mobile SMS Spam Filtering Techniques", IEEE Access, DOI: 10.1109/ACCESS.2017.2666785.
[20]Gupta, R., & Shukla, P. K. (2015). Performance Analysis of Anti-Phishing Tools and Study of Classification Data Mining Algorithms for a Novel Anti-Phishing System. International Journal of Computer Network and Information Security (IJCNIS), 7(12), 70.
[21]Adebayo, O. S., Ugiomoh, D. O., & AbdulMalik, M. D. (2013). The Design and Development of Real-Time E-Voting System in Nigeria with Emphasis on Security and Result Veracity. International Journal of Computer Network and Information Security, 5(5), 9.
[22]Yasin, Adwan F. "Spam Reduction by using E-mail History and Authentication (SREHA)." International Journal of Computer Network and Information Security 8, no. 7 (2016): 17.