Application Layer Denial of Service Attack Detection using Deep Learning Approach
Keywords:
Denial of Service (DoS) Attack, Neural Network, Machine Learning, Deep Learning, Supervised Learning, Network Security, Application Layer, TensorFlowAbstract
Denial of Service attack, is one of the deadliest attacks of the Internet era. It’s major objective is to prevent legitimate users from accessing services over a network. DoS attacks can be broadly classified into network layer and application layer attacks. In this paper focus is on detection of well-known HTTP based application layer DoS attacks. We have proposed an integrated solution for detection of both volumetric and non-volumetric HTTP based application layer DoS attacks. The proposed system uses an in-memory analytics mechanism to extract the input feature set from the live traffic. On the basis of its learning from the training phase the deep neural network identifies the attacker using the feature set. We have used the TensorFlow to build the deep neural network. We have built a conformation mechanism to further reduce false positives. The result reveals that the proposed system can achieve 99.92% classification accuracy with only 0.003% false positives.
References
[1] H. Jazi, H. Gonzalez, N. Stakhanova, A. Ghorbani, “Detecting HTTP-based application layer DoS attacks on web servers in the presence of sampling”, Computer Networks, Vol. 121 pp. 25-36, 2017.
[2] H. Beitollahi, G. Deconinck, “Tackling Application-layer DDo-S Attacks”, Procedia Computer Science, Vol. 10, pp. 432-441, 2012.
[3] M. Shtern, R. Sandel, M. Litoiu, C. Bachalo, V. Theodorou, "Towards Mitigation of Low and Slow Application DDoS Attacks", In the Proceedings of the 2014 International Conference on Cloud Engineering, USA, pp. 604-609, 2014.
[4] S. Yadav and S. Subramanian, “Detection of Application Layer DDoS Attack by Feature Learning Using Stacked Autoencoder”, In the Proceedings of the International Conference on Computational Techniques in Information and Communication Technologies, India, pp. 361-366, 2016.
[5] K. Prasad, A. Reddy, K. Rao, "Ensemble Classiers with Drift Detection (ECDD) in Trafic Flow Streams to Detect DDOS Attacks", Wireless Personal Communications, Vol. 99 pp. 1639-1659, 2018.
[6] M. Najafabadi, T. Khoshgoftaar, C. Calvert, C. Kemp, "User Behavior Anomaly Detection for Application Layer DDoS Attacks", In the Proceedings of the International Conference on Information Reuse and Integration, USA, pp. 154-161, 2017.
[7] A. Alsirhani, S. Sampalli, P. Bodorik, “DDoS Attack Detection System Utilizing Classication Algorithms with Apache Spark”, In the Proceedings of the 2018 International Conference on New Technologies, Mobility and Security, Spain, pp. 1-7, 2018.
[8] C. Kemp, C. Calvert, T. Khoshgoftaar, “Utilizing Netflow Data to Detect Slow Read Attacks”, In the Proceedings of the 2018 International Conference on Information Reuse and Integration, USA, pp. 108-116, 2018.
[9] V. Katkar, A. Zinjade, S. Dalvi, T. Bafna, R. Mahajan, “Detection of DoS/DDoS attack against HTTP Servers using Naïve Bayesian”, In the Proceedings of the 2015 International Conference on Computing Communication Control and Automation, India, pp. 280-285, 2015.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors contributing to this journal agree to publish their articles under the Creative Commons Attribution 4.0 International License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit and that in the event of reuse or distribution, the terms of this license are made clear.
