Adaptive DDoS Attack Detection Method Based on Multiple-Kernel Learning
TL;DR: Based on the burstiness of DDoS attack flow, the distribution of addresses, and the interactivity of communication, this paper defined five features to describe the network flow characteristic, which can detect DDoS attacks early and accurately.
Abstract: Distributed denial of service (DDoS) attacks have caused huge economic losses to society. They have become one of the main threats to Internet security. Most of the current detection methods, based on a single feature and fixed model parameters, cannot effectively detect early DDoS attacks in cloud and big data environments. In this paper, an adaptive DDoS attack detection method (ADADM) based on multiple-kernel learning (MKL) is proposed. Based on the burstiness of DDoS attack flow, the distribution of addresses, and the interactivity of communication, we define five features to describe the network flow characteristics. Based on the ensemble learning framework, the weight of each dimension is adaptively adjusted by increasing the interclass mean with a gradient ascent and reducing the intraclass variance with a gradient descent, and the classifier is established to identify an early DDoS attack by training simple multiple-kernel learning (SMKL) models with two characteristics: interclass mean squared difference growth (M-SMKL) and intraclass variance descent (S-SMKL). The sliding window mechanism is used to coordinate the S-SMKL and M-SMKL to detect the early DDoS attack. The experimental results indicate that this method can detect DDoS attacks early and accurately.
Citations
Bandwidth Control Mechanism and Extreme Gradient Boosting Algorithm for Protecting Software-Defined Networks Against DDoS Attacks
TL;DR: A DDoS mitigation scheme for SDN that ensures accurate attack detection and efficient network resource utilization is proposed; validation in real time in the SDN environment shows that it protects SDN against DDoS attacks with high accuracy, low error, and efficient utilization of the network resources.
Generative Adversarial Networks: A Literature Review
TL;DR: Traditional generation models and typical Generative Adversarial Networks models are reviewed, the application of their models in natural language processing and computer vision is analyzed, and the contributions in information security, cyber security and artificial intelligence security are reviewed.
An Adaptive Protection of Flooding Attacks Model for Complex Network Environments
Bashar Ahmad Khalaf, Salama A. Mostafa, Aida Mustapha, Mazin Abed Mohammed, Moamin A. Mahmoud, Bander Ali Saleh Al-rimy, Shukor Abd Razak, Mohamed Elhoseny, Adam Marks +8 more
TL;DR: In this article, an adaptive agent-based model, known as an Adaptive Protection of Flooding Attacks (APFA), is proposed to protect the Network Application Layer (NAL) against DDoS flooding attacks and FC flooding traffic.
Machine Learning for Securing SDN based 5G Network
TL;DR: The purpose of this research is to analyze suitable machine learning (ML) for securing the SDN controller targeted by DDoS attacks; it proposes a security scheme that includes the ML algorithm, adaptive bandwidth mechanism, and dynamic threshold technique.
Neural Network-Based Approach for Detection and Mitigation of DDoS Attacks in SDN Environments
TL;DR: This study provides a live traffic analysis method with a neural network for live DDoS detection in SDN environments based on a Neural Network based Traffic Flow Classifier (TFC-NN).
References
Machine learning: Trends, perspectives, and prospects
TL;DR: The adoption of data-intensive machine-learning methods can be found throughout science, technology and commerce, leading to more evidence-based decision-making across many walks of life, including health care, manufacturing, education, financial modeling, policing, and marketing.
Software-Defined Networking: A Comprehensive Survey
Diego Kreutz, Fernando M. V. Ramos, Paulo Veríssimo, Christian Esteve Rothenberg, Siamak Azodolmolky, Steve Uhlig +5 more
- 01 Jan 2015
TL;DR: This paper presents an in-depth analysis of the hardware infrastructure, southbound and northbound application programming interfaces (APIs), network virtualization layers, network operating systems (SDN controllers), network programming languages, and network applications, and presents the key building blocks of an SDN infrastructure using a bottom-up, layered approach.
Significant Permission Identification for Machine-Learning-Based Android Malware Detection
TL;DR: Significant Permission IDentification (SigPID), a malware detection system based on permission usage analysis to cope with the rapid increase in the number of Android malware, is introduced.
Multi-key privacy-preserving deep learning in cloud computing
TL;DR: This work presents a basic scheme based on multi-key fully homomorphic encryption (MK-FHE), and proposes a hybrid structure scheme by combining the double decryption mechanism and FHE, and proves that these two multi-key privacy-preserving deep learning schemes over encrypted data are secure.
A DDoS Attack Detection Method Based on SVM in Software Defined Network
TL;DR: The SDN environment is constructed with Mininet and Floodlight, 6-tuple characteristic values of the switch flow table are extracted, and then a DDoS attack model is built by combining the SVM classification algorithms and average accuracy rate of the method is with a small amount of flow collecting.