Deep learning-based distributed denial of service detection system in the cloud network

Year 2023, Issue: 055, 16 - 33, 31.12.2023

Emine Deniz , Soydan Serttaş

https://doi.org/10.59313/jsr-a.1333839

Abstract

Cloud computing offers an efficient solution that enables businesses and users to deliver flexible and scalable services by sharing resources. However, this shared resource pool also exposes vulnerabilities to various cyber threats, such as Distributed Denial of Service (DDoS) attacks. These DDoS attacks, due to their potential impact, can be highly destructive and disruptive. They render servers unable to serve users, leading to system crashes. Moreover, they can severely tarnish the reputation of organizations and result in significant financial losses. Consequently, DDoS attacks are among the most critical threats faced by institutions and organizations.
The primary objective of this study is to identify and detect DDoS attacks within cloud computing environments. Given the challenges associated with acquiring a cloud-based dataset, the main motivation behind this research was to construct a dataset within a cloud-based system and subsequently evaluate the intrusion detection capabilities of deep learning (DL) algorithms using this dataset. Initially, an HTTP flood attack was executed after creating a network topology within the OpenStack framework. The study employed Convolutional Neural Network (CNN), Artificial Neural Network (ANN), and Long Short-Term Memory (LSTM) models for attack detection. The performance of these models was assessed using various measurement metrics, and it was found that the LSTM model delivered the most impressive results, achieving an accuracy rate of 98%.

Keywords

Cybersecurity, Cloud computing, Distributed denial of service, Deep learning, Anomaly detection, OpenStack, Long short-term memory

References

• [1] M. Mittal, K. Kumar & S. Behal, “Deep learning approaches for detecting DDoS attacks: a systematic review”, Soft Computing, 1-37, 2022.
• [2] D. Berard, “A single DDoS attack can cost a company more than $400,000”, https://www.kaspersky.com/about/press-releases/2015_a-single-ddos-attack-can-cost-a-company-more-than--400000, (accessed Jul. 27, 2023).
• [3] C. Canongia, & R. A. Mandarino, “Cybersecurity: The new challenge of the information society”, In Handbook of Research on Business Social Networking: Organizational, Managerial, and Technological Dimensions, 165-184, 2012, doi:10.4018/978-1-4666-4707-7.ch003.
• [4] A. D. Samsoerizal, E. R. Hidayat, & A. Sukendro, “Analytical study of indonesian cybersecurity: lesson learned from estonian cyberattacks in 2007”, International Journal of Arts and Social Science, 32-33, 2022.
• [5] I. Balaban, “Denial-of-service attack”, Intel J. Info. Sec. & Cybercrime, 10-59, 2021.
• [6] A. Rawashdeh, M. Alkasassbeh, & M. Al-Hawawreh, “An anomaly-based approach for DDoS attack detection in cloud environment”, International Journal of Computer Applications in Technology, 312-324, 2018.
• [7] E. T. Ayan, M. S. Zengin, G. Deniz, H. A. Duru & B. Bardak, “Interpretable cybersecurity event detection in turkish: a novel dataset”, In 2022 Innovations in Intelligent Systems and Applications Conference, Antalya, Turkey, 2022, pp. 1-6, doi: 10.1109/ASYU56188.2022.9925501.
• [8] R. V. Deshmukh, & K. K. Devadkar, “Understanding DDoS attack & its effect in cloud environment”, Procedia Computer Science, 202-210, 2015.
• [9] N. Bindra, & M. Sood, “Detecting DDoS attacks using machine learning techniques and contemporary intrusion detection dataset”, Automatic Control and Computer Sciences, 419-428, 2019.
• [10] X. Yuan, P. He, Q. Zhu, & X. Li, “Adversarial examples: attacks and defenses for deep learning”, IEEE transactions on neural networks and learning systems, 2805-2824, 2019.
• [11] “The Most Widely Deployed Open Source Cloud Software in the World”, https://www.openstack.org/ (accessed Feb. 1, 2023).
• [12] M. Abadi, A. Agarwal, P. Barham, E. Brevdo, Z. Chen, C. Citro, et al. “TensorFlow: large-scale machine learning on heterogeneous distributed systems”, http://download.tensorflow.org/paper/whitepaper2015.pdf, (accessed Jul. 20, 2023).
• [13] G. C. Kessler, & D. E. Levin, “Denial-of-service attacks”, John Wiley & Sons, 12 September 2015, doi.org/10.1002/9781118851678.ch18.
• [14] Cisco Annual Internet Report (2018–2023) White Paper, Available: https: //www.cisco.com/c/en/us/solutions/collateral/executive-perspectives/annual-internet-report/white-paper-c11-741490.html, (accessed Jun. 6, 2020).
• [15] J. Mirkovic, & P. Reiher, “A taxonomy of DDoS attack and DDoS defense mechanisms”, ACM SIGCOMM Comput. Commun. Rev., 34(2), 39-53, 2004.
• [16] G. Carl, G. Kesidis, R. R. Brooks, & S. Rai, “Denial-of-service attack-detection techniques”, IEEE Internet computing, 10(1), 82-89, 2006.
• [17] A. Y. Nur, & M. E. Tozal, “Record route IP traceback: combating DoS attacks and the variants”, Computers & Security, 72, 13-25, 2018.
• [18] S. T. Zargar, J. Joshi, & D. Tipper, “A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks”, IEEE communications surveys & tutorials, 15(4), 2046-2069, 2013.
• [19] R. Das, & T. H. Morris, “Machine learning and cyber security”, International Conference on Computer, Electrical and Communication Engineering - ICCECE, 2017, pp. 1-7.
• [20] O. Igbe, O. Ajayi, & T. Saadawi, “Denial of service attack detection using dendritic cell algorithm”, 2017 IEEE 8th Annual Ubiquitous Computing, Electronics And Mobile Communication Conference, 2017, pp. 294-299.
• [21] S. Elsayed, M. LE-Khac, N. A. Dev, & A. D. Jurcut, “Network anomaly detection using LSTM based autoencoder”, In Proceedings of the 16th ACM Symposium on QoS and Security for Wireless and Mobile Networks, 2020, pp. 37-45.
• [22] M. S. Elsayed, N. A. Le-Khac, S. Dev, & A. D. Jurcut, “Ddosnet: A deep-learning model for detecting network attacks”, A World of Wireless, Mobile and Multimedia Networks"(WoWMoM), 391-396, 2020.
• [23] T. Su, H. Sun, J. Zhu, S. Wang, & Y. Li, “BAT: Deep learning methods on network intrusion detection using NSL-KDD dataset”, IEEE Access, 8, 29575-29585, 2020.
• [24] R. C. Aygun, & A. G. Yavuz, “Network anomaly detection with stochastically improved autoencoder-based models”, In 2017 IEEE 4th International conference on cyber security and cloud computing (CSCloud), 2017, pp. 193-198.
• [25] F. Farahnakian, & J. Heikkonen, “A deep auto-encoder based approach for intrusion detection system”, In 2018 20th International Conference on Advanced Communication Technology (ICACT), 2018, pp. 178-183.
• [26] B. Min, J. Yoo, S. Kim, & D. Shin, “Network anomaly detection using memory-augmented deep autoencoder”, IEEE Access, 9, 104695-104706, 2021.
• [27] M. Anjum, & K. S. Shreedhara, “Performance analysis of semi-supervised machine learning approach for DDoS detection”, International Journal Of Innovative Research In Technology, 6(2), 144-147, 2019.
• [28] Z. Zhong, M. Xu, M. A. Rodriguez, C. Xu, & R. Buyya, “Machine Learning-based Orchestration of Containers: A Taxonomy and Future Directions”, ACM Comput. Surv. (CSUR), 2021.
• [29] G. S. Kushwah, & S. T. Ali, “Detecting DDoS attacks in cloud computing using ANN and black hole optimization”, 2nd International Conference on Telecommunication and Networks, pp. 1-5, 2017.
• [30] A. Sahi, D. Lai, Y. Li, & M. Diykh, “An efficient DDoS TCP flood attack detection and prevention system in a cloud environment”, IEEE Access, 5, 6036-6048, 2017, doi: 10.1109/ACCESS.2017.2688460.
• [31] R. Doshi, N. Apthorpe, & N. Feamster, “Machine learning ddos detection for consumer internet of things devices” IEEE Security and Privacy Workshops (SPW), 2018, pp. 29-35.
• [32] L. Ma, Y. Chai, L. Cui, D. Ma, Y. Fu, & A. Xiao, “A deep learning based DDoS detection framework for internet of things”, IEEE International Conference On Communications, 2020.
• [33] S. Potluri, S. Ahmed, & C. Diedrich, “Convolutional neural networks for multi-class intrusion detection system”, 6th International Conference, MIKE 2018, Cluj-Napoca, Romania, December 20-22, 2018.
• [34] Y. Ding, & Y. Zhai, “Intrusion detection system for NSL-KDD dataset using convolutional neural networks”, In Proceedings of the 2018 2nd International conference on computer science and artificial intelligence, 2018, pp. 81-85.