Abstract
Distributed denial-of-service attacks are still difficult to handle as per current scenarios. The attack aim is a menace to network security and exhausting the target networks with malicious traffic from multiple sites. Although a plethora of conventional methods have been proposed to detect DDoS attacks, so far the rapid diagnosis of these attacks using feature selection algorithms is a daunting challenge. The proposed system uses a hybrid methodology for selecting features by applying feature selection methods on machine learning classifiers. Feature selections methods, namely chi-square, Extra Tree and ANOVA have been applied on four classifiers Random Forest, Decision Tree, k-Nearest Neighbors and XGBoost for early detection of DDoS attacks on IoT devices. We use the CICDDoS2019 dataset containing comprehensive DDoS attacks to train and assess the proposed methodology in a cloud-based environment (Google Colab). Based on the experimental results, the proposed hybrid methodology provides superior performance with a feature reduction ratio of 82.5% by achieving 98.34% accuracy with ANOVA for XGBoost and helps in early detection of DDoS attacks on IoT devices.
Similar content being viewed by others
Abbreviations
- DDoS:
-
Distributed denial of service
- DT:
-
Decision tree
- FNR:
-
False-negative rate
- FPR:
-
False-positive rate
- IDS:
-
Intrusion detection system
- IoT:
-
Internet of Things
- K-NN:
-
K-Nearest neighbors
- LDAP:
-
Lightweight directory access protocol
- LSTM:
-
Long short-term memory
- NaN:
-
Not a number
- NB:
-
Naïve bayes
- NetBIOS:
-
Network basic input/output system
- NTP:
-
Network time protocol
- RF:
-
Random forest
- TNR:
-
True-negative rate
- TPR:
-
True-positive rate
References
Mahjabin, T.; Xiao, Y.; Sun, G.; Jiang, W.: A survey of distributed denial-of-service attack, prevention, and mitigation techniques. Int. J. Distrib. Sens. N. 13(12), 1–33 (2017). https://doi.org/10.1177/1550147717741463
Brasilino, L.R.; Swamy, M.: Mitigating DDoS Flooding Attacks against IoT using Custom Hardware Modules. In: Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS), Granada, Spain, 22–25 October2019, pp.58–64. Granada, Spain: IEEE
Grammatikis, P.I.R.; Sarigiannidis, P.G.; Moscholios, I.D.: Securing the Internet of Things: challenges, threats and solutions. Internet Things 5, 41–70 (2019)
Bodeia, C.; Chessaa, S.; Gallettab, L.: Measuring security in IoT communications. Theor. Comput. Sci. 764(1), 100–124 (2019). https://doi.org/10.1016/j.tcs.2018.12.002
Ray, P.: A survey on Internet of Things architectures. J. King Saud. Univ. Comp. Info. Sci. 30(3), 291–319 (2018). https://doi.org/10.1016/j.jksuci.2016.10.003
Siegel, J.E.; Kumar, S.; Sarma, S.E.: The future internet of things: secure, efficient, and model-based. IEEE Internet Things J. 5(4), 2386–2398 (2017). https://doi.org/10.1109/JIOT.2017.2755620
Munshi, A.; Alqarni, N.A.; Almalki, N.A.: DDOS Attack on IoT Devices. In: 3rd International Conference on Computer Applications & Information Security (ICCAIS), Riyadh, Saudi Arabia, 19–21 March2020, pp. 1–5. Riyadh, Saudi Arabia: IEEE
Kim, M.: Supervised learning-based DDoS attacks detection: tuning. ETRI J. 41(5), 560–573 (2019). https://doi.org/10.4218/etrij.2019-0156
Alzubi, O.; Alzubi, J.; Tedmori, S.; Rashaideh, H.; Almomani, O.: Consensus-based combining method for classifier ensembles. Int. Arab. J. Inf. Technol. 15(1), 76–86 (2018)
Alzubi, O.A.; Alzubi, J.A.; Alweshah, M.; Qiqieh, I.; Shami, S.A.; Ramachandran, M.: An optimal pruning algorithm of classifier ensembles: dynamic programming approach. Neural. Comput. Appl. 32(5), 16091–16107 (2020). https://doi.org/10.1007/s00521-020-04761-6
Babu, M.V.; Alzubi, J.A.; Sekaran, R.; Patan, R.; Ramachandran, M.; Gupta, D.: An improved IDAF-FIT clustering based ASLPP-RR routing with secure data aggregation in wireless sensor network. Mob. Netw. Appl. (2020). https://doi.org/10.1007/s11036-020-01664-7
Alzubi, J.A.: Bipolar fully recurrent deep structured neural learning based attack detection for securing industrial sensor networks. T. Emerg. Telecommun. T. (2020). https://doi.org/10.1002/ett.4069
Alzubi, J.: Optimal classifier ensemble design based on cooperative game theory. Res. J. Appl. Sci. 11(12), 1336–1343 (2015). https://doi.org/10.19026/rjaset.11.2241
Salahuddin, M.A.; Bari, M.F.; Alameddine, H.A.; Pourahmadi, V.; Boutaba, R.: Time Based Anomaly Detection using Autoencoder. In: International Conference on Network and Service Management, Izmir, Turkey, 2–6 November2020, pp.1–9. Izmir, Turkey: IEEE
Elsayed, M.S.; Khac, N.A.L.; Dev, S.; Jurcut, A.D.: DDoSNet: A Deep-Learning Model for detecting network attacks. In: 21st International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM), Cork, Ireland, 31 August-03 September2020, pp.391–396. Cork, Ireland: IEEE
Maranhao, J.P.A.; Costa, J.P.C.L.D.; Freitas, E.P.D.; Javidi, E.; Junior, R.T.D.S.: Error-robust distributed denial of service attack detection based on an average common feature extraction technique. Sensors 20(20), 5845–5866 (2020). https://doi.org/10.3390/s20205845
Silveria, F.A.F.; Junior, A.D.M.B.; Vargas-Solar, G.; Silveria, L.F.: Smart Detection: an online approach for DoS/DDoS attack detection using machine learning. Secur. Commun. Netw. (2019). https://doi.org/10.1155/2019/1574749
Shurman, M.; Khrais, R.; Yateem, A.: DoS and DDoS attack detection using deep learning and IDS. Int. Arab J. Inf. Technol. 17(4A), 655–661 (2020). https://doi.org/10.34028/iajit/17/4A/10
Li, J.; Liu, M.; Xue, Z.; Fan, X.; He, X.: Rtvd: a real-time volumetric detection scheme for ddos in the internet of things. IEEE Access 8, 36191–36201 (2020). https://doi.org/10.1109/ACCESS.2020.2974293
Jia, Y.; Zhong, F.; Alrawais, A.; Gong, B.; Cheng, X.: Flowguard: an intelligent edge defense mechanism against IoT DDoS attacks. IEEE Internet Things J. 7(10), 9552–9562 (2020). https://doi.org/10.1109/ACCESS.2020.2974293
Sharafaldin, I.; Lashkari, A.H.; Hakak, S.; Ghorbani, A.A.: Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy. In: 2019 International Carnahan Conference on Security Technology (ICCST), Chennai, India, pp. 1–8, 1–3 October2019, Chennai, India: IEEE
Alsamiri, J.; Alsubhi, K.: Internet of things cyber attacks detection using machine learning. Int. J. Adv. Comput. Sci. Appl. 10(12), 627–634 (2019). https://doi.org/10.14569/IJACSA.2019.0101280
Gurulakshmi, A.K.: Analysis of IoT Bots against DDOS attack using Machine Learning Algorithm. In: Proceedings of the 2nd International Conference on Trends in Electronics and Informatics (ICOEI 2018), Tirunelveli, India, pp. 1052–1057, 11–12 May 2018, Tirunelveli, India: IEEE. https://doi.org/10.1109/ICOEI.2018.8553896
Meidan, Y.; Sachidananda, V.; Peng, H.; Sagron, R.; Elovici, Y.; Shabtai, A.: A novel approach for detecting vulnerable IoT devices connected behind a home NAT. Comput. Secur. 97, 101968–101991 (2020). https://doi.org/10.1016/j.cose.2020.101968-101991
Wehbi, K.; Hong, L.; Al-salah, T.; Bhutta, A.A.: A Survey on Machine Learning Based Detection on DDoS Attacks for IoT Systems. In: 2019 SoutheastCon, Huntsville, AL, USA, pp. 1–6, 11–14 April2019, AL, USA: IEEE. https://doi.org/10.1109/SoutheastCon42311.2019.9020468
Hosseini, S.; Azizi, M.: The hybrid technique for DDoS detection with supervised learning algorithms. Comput. Netw. 158, 35–45 (2019). https://doi.org/10.1016/j.comnet.2019.04.027
Alkasassbeh, M.; Hassanat, A.B.; Naymat, G.A.; Almseidin, M.: Detecting distributed denial of service attacks using data mining techniques. Int. J. Adv. Comput. Sci. Appl. 7(1), 436–445 (2016). https://doi.org/10.14569/IJACSA.2016.070159
Wang, M.; Lu, Y.; Qin, J.: A dynamic MLP-based DDoS attack detection method using feature selection and feedback. Comput. Secur. 88, 101645–101659 (2020). https://doi.org/10.1016/j.cose.2019.101645
Al Hamad, M.; Zeki, A.M.: Accuracy vs. cost in decision trees: A survey. In: 2018 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT), Sakhier, Bahrain, pp. 1–4, 18–20 November 2020, Sakhier, Bahrain: IEEE. https://doi.org/10.1109/3ICT.2018.8855780
Azad, M.; Moshkov, M.: Classification and Optimization of Decision Trees for Inconsistent Decision Tables Represented as MVD tables. In: Proceedings of the Federated Conferenc e on Computer Science and Information Systems, Lodz, Poland, pp. 31–38, 13–16 September 2015, Lodz, Poland. IEEE. https://doi.org/10.15439/2015F231
Rani, P.; Kumar, R.; Jain, A.: Multistage model for accurate prediction of missing values using imputation methods in heart disease dataset. In: Raj, J.S.; Iliyasu, A.M.; Bestak, R.; Baig, Z.A. (Eds.) Innovative Data Communication Technologies and Application, pp. 637–653. Springer, Singapore (2021). https://doi.org/10.1007/978-981-15-9651-3_53
Rani, P.; Kumar, R.; Ahmed, N.M.S.; Jain, A.: A decision support system for heart disease prediction based upon machine learning. J. Reliab. Intell. Environ. (2021). https://doi.org/10.1007/s40860-021-00133-6
Xue, H.; Wang, P.: An Improved Sample Mean KNN Algorithm Based on LDA. In: 11th International Conference on Intelligent Human-Machine Systems and Cybernetics (IHMSC), Hangzhou, China, pp. 266–270, 24–25 August 2019, Hangzhou, China. https://doi.org/10.1109/IHMSC.2019.00068
Zhang, C.; Wang, D.; Song, C.; Wang, L.; Song, J.; Guan, L.; Zhang, M.: Interpretable learning algorithm based on XGboost for fault prediction in optical network. In: 2020 Optical Fiber Communications Conference and Exhibition (OFC), San Diego, CA, USA pp. 1–3, 8–12 March 2020, San Diego, CA, USA IEEE
Sadique, K.M.; Rahmani, R.; Johannesson, P.: Towards security on internet of things: applications and challenges in technology. Proc. Comput. Sci. 141, 199–206 (2018). https://doi.org/10.1016/j.procs.2018.10.168
Sharma, D.: Implementing Chi-Square method and even mirroring for cryptography of speech signal using Matlab. In: International Conference on Next Generation Computing Technologies (NGCT), Dehradun, India pp. 394–397, 4–5 September2015, Dehradun, India. IEEE. https://doi.org/10.1109/NGCT.2015.7375148
Alsariera, Y.A.; Adeyemo, V.E.; Balogun, A.O.; Alazzawi, A.K.: AI meta-learners and extra-trees algorithm for the detection of phishing websites. IEEE Access 8, 142532–142542 (2020). https://doi.org/10.1109/ACCESS.2020.3013699
Pena, M.; Alvarez, X.; Jadán, D.; Lucero, P.; Barragán, M.; Guamán, R.; Sánchez, V.; Cerrada, M.: ANOVA and cluster distance based contributions for feature empirical analysis to fault diagnosis in rotating machinery. In: International Conference on Sensing, Diagnostics, Prognostics, and Control (SDPC), Shanghai, China pp. 69–74, 16–18 August2017, Shanghai, China IEEE. https://doi.org/10.1109/SDPC.2017.23
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Gaur, V., Kumar, R. Analysis of Machine Learning Classifiers for Early Detection of DDoS Attacks on IoT Devices. Arab J Sci Eng 47, 1353–1374 (2022). https://doi.org/10.1007/s13369-021-05947-3
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s13369-021-05947-3