رویکردی برای تشخیص حملات DDoS در محیط رایانش ابری با استفاده از آنتروپی و بهینهسازی ازدحام ذرات
الموضوعات :مهدی آسایش جو 1 , مهدی صادق زاده 2 , مازیار گنجو 3
1 - گروه کامپیوتر،دانشگاه ازاد اسلامی،بوشهر،ایران
2 - گروه مهندسی کامپیوتر، دانشکده فنی و مهندسی، واحد ماهشهر، دانشگاه آزاد اسلامی، ماهشهر، ایران
3 - گروه کامپیوتر،دانشگاه آزاد،بوشهر،ایران
الکلمات المفتاحية: حمله DDoS, رایانش ابری, بهینهسازی ازدحام ذرات, تشخیص حملات, آنتروپی,
ملخص المقالة :
رایانش ابری یک فناوری نوظهور و در حال رشد است که به طور گسترده برای ارائه محاسبات، خدمات ذخیرهسازی و سایر منابع از طریق اینترنت استفاده میشود. در دسترس بودن سرویسهای ابری یکی از مهمترین نگرانیهای ارائهدهندگان خدمات ابری است. در حالی که سرویسهای ابری عمدتا از طریق اینترنت منتقل میشوند، مستعد حملات مختلفی هستند که منجر به درز اطلاعات حساس شود. حمله DDoS به عنوان یکی از مهمترین تهدیدات امنیتی برای محیط رایانش ابری شناخته میشود. این حمله تلاشی صریح توسط یک مهاجم برای جلوگیری و عدم دسترسی به خدمات یا منابع مشترک در یک محیط ابری است. در این مقاله رویکردی ترکیبی برای مقابله با حمله DDoS در محیط رایانش ابری مورد بحث قرار گرفته است. این روش اهمیت روشهای مبتنی بر انتخاب ویژگیهای موثر و مدلهای دستهبندی را برجسته میکند. در اینجا، رویکردی بر مبنای آنتروپی و بهینهسازی ازدحام ذرات برای مقابله با این حملات در محیط رایانش ابری ارائه میشود. دستهبندی دادههای با ابعاد بالا معمولاً به انتخاب ویژگی به عنوان یک مرحله قبل از پردازش برای کاهش ابعاد نیاز دارد. با این حال، انتخاب ویژگیهای موثر یک کار چالش برانگیز است که در این مقاله از بهینهسازی ازدحام ذرات برای اینکار استفاده میشود. در اینجا، مدل دستهبندی پیشنهادی بر مبنای استفاده از ساختمان داده درخت جستجوی دودویی متوازن و دیکشنری توسعه یافته است. شبیهسازی براساس مجموعه دادههای NSL-KDD و CICDDoS2019 انجام شده که نتایج برتری روش پیشنهادی را با میانگین دقت تشخیص 99.84% نسبت به الگوریتم-های AGA و E-SVM اثبات میکند.
[1] S. Q. A. Shah , F. Z. Khan and M. Ahmad “The impact and mitigation of ICMP based economic denial of sustainability attack in cloud computing environment using software defined network.” Computer Networks, vol.187, pp.107825, 2021.
[2] M. Haddadi and R. Beghdad “A Confidence Interval Based Filtering Against DDoS Attack in Cloud Environment: A Confidence Interval Against DDoS Attack in the Cloud.” International Journal of Information Security and Privacy (IJISP), vol.14,no.4, pp.42-56, 2020.
[3] R. SaiSindhuTheja and G. K. Shyam “An efficient metaheuristic algorithm based feature selection and recurrent neural network for DoS attack detection in cloud computing environment.” Applied Soft Computing, vol.100, pp.106997, 2021.
[4] O. Osanaiye, K. K. R. Choo and M. Dlodlo “Distributed denial of service (DDoS) resilience in cloud: Review and conceptual cloud DDoS mitigation framework.” Journal of Network and Computer Applications, vol.67, pp.147-165, 2016.
[5] P. S. Bawa, S. U. Rehman and S. Manickam “Enhanced mechanism to detect and mitigate economic denial of sustainability (EDoS) attack in cloud computing environments.” Int. J. Adv. Comput. Sci. Appl, vol.8, no.9, pp.51-58, 2017.
[6] H. A. Kholidy, “Detecting impersonation attacks in cloud computing environments using a centric user profiling approach.” Future Generation Computer Systems, vol.117, pp.299-320, 2021.
[7] S. Subashini and V. Kavitha “A survey on security issues in service delivery models of cloud computing.” Journal of network and computer applications, vol.34, no.1, pp.1-11, 2011.
[8] N. Agrawal and S. Tapaswi “Defense mechanisms against DDoS attacks in a cloud computing environment: State-of-the-art and research challenges.” IEEE Communications Surveys & Tutorials, vol.21, no.4, pp.3769-3795, 2019.
[9] G. Somani., M. S. Gaur, D. Sanghi, M. Conti and R. Buyya “DDoS attacks in cloud computing: Issues, taxonomy, and future directions.” Computer Communications, vol.107, pp.30-48, 2017
[10] A. Praseed and P. S. Thilagam “DDoS attacks at the application layer: Challenges and research perspectives for safeguarding Web applications.” IEEE Communications Surveys & Tutorials, vol.21, no.1, pp. 661-685, 2018.
[11] G. Somani, M. S. Gaur, D. Sanghi, , M. Conti, M. Rajarajan and R. Buyya “Combating DDoS attacks in the cloud: requirements, trends, and future directions.” IEEE Cloud Computing, vol.4,no.1, pp.22-32, 2017.
[12] A. Shameli-Sendi, M. Pourzandi, M. Fekih-Ahmed and M. Cheriet “Taxonomy of distributed denial of service mitigation approaches for cloud computing.” Journal of Network and Computer Applications, vol.58, pp.165-179, 2015.
[13] S. T. Zargar, J. Joshi and D. Tipper “A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks.” IEEE communications surveys & tutorials, vol.15,no.4, pp.2046-2069, 2013.
[14] N. Agrawal and S. Tapaswi “A lightweight approach to detect the low/high rate IP spoofed cloud DDoS attacks.” in IEEE 7th International Symposium on Cloud and Service Computing (SC2),2017, pp. 118-123.
[15] G. I. Shidaganti, A. S. Inamdar, S. V. Rai and A. M. Rajeev “SCEF: A model for prevention of DDoS attacks from the cloud.” International Journal of Cloud Applications and Computing (IJCAC), vol.10, no.3,pp. 67-80, 2020.
[16] H. F. El-Sofany “A New Cybersecurity Approach for Protecting Cloud Services against DDoS Attacks.” International Journal of Intelligent Engineering and Systems, vol.13,no.2,pp. 205-215, 2020.
[17] A. Bhardwaj, V. Mangat, R. Vig, , S. Halder, and, M. Conti ”Distributed denial of service attacks in cloud: State-of-the-art of scientific and commercial solutions.” Computer Science Review, vol.39, pp.100332, 2021.
[18] A. Saied, R. E. Overill and T. Radzik “Detection of known and unknown DDoS attacks using Artificial Neural Networks.” Neurocomputing, vol.172, pp.385-393, 2016.
[19] S. Rastegari, P. Hingston and C. P. Lam “Evolving statistical rulesets for network intrusion detection.” Applied soft computing, vol.33, pp.348-359, 2015.
[20] N. K. Kanakarajan and, K. Muniasamy”Improving the accuracy of intrusion detection using gar-forest with feature selection.” In Proceedings of the 4th International Conference on Frontiers in Intelligent Computing: Theory and Applications (FICTA), 2015, pp. 539-547.
[21] B. Ingre and A. Yadav “Performance analysis of NSL-KDD dataset using ANN.” in international conference on signal processing and communication engineering systems,2015, pp. 92-96.
[22] S. M. H. Bamakan, H. Wang, T. Yingjie and Y. Shi “An effective intrusion detection framework based on MCLP/SVM optimized by time-varying chaos particle swarm optimization.” Neurocomputing, vol.199, pp.90-102, 2016.
[23] M. Ghalehgolabi and A. Rezaeipanah “Intrusion Detection System Using Genetic Algorithm and Data Mining Techniques Based on the Reduction.” International Journal of Computer Applications Technology and Research, vol.6,no.11, pp.461-466, 2017.
[24] C. Yang “Anomaly network traffic detection algorithm based on information entropy measurement under the cloud computing environment.” Cluster Computing, vol.22,no.4, pp.8309-8317, 2019.
[25], N. Agrawal, and, S. Tapaswi “An SDN-Assisted Defense Mechduanism for the Shrew DDoS Attack in a Cloud Computing Environment.” Journal of Network and Systems Management, vol.29,no.2, pp.1-28, 2021.
[26], A. Sharma, , C. Agrawal, , A. Singh, and, K. Kumar “Real-time DDoS detection bsed on entropy using Hadoop framework.” In Computing in Engineering and Technology,2020, pp. 297-305.
[27] K. B. Virupakshar, M. Asundi, K. Channal, P. Shettar, S. Patil, and D. G. Narayan, “Distributed denial of service (DDoS) attacks detection system for OpenStack-based private cloud”, Procedia Computer Science, vol.167, pp.2297-2307, 2020.
[28] A. B. Dehkordi, M. Soltanaghaei, and F. Z. Boroujeni, “The DDoS attacks detection through machine learning and statistical methods in SDN”. The Journal of Supercomputing, vol.77, no.3,pp. 2383-2415, 2021.
[29] D. Kshirsagar, and S. Kumar , “A feature reduction based reflected and exploited DDoS attacks detection system”, Journal of Ambient Intelligence and Humanized Computing,vol.13,no.3, pp.1-13, 2021.
[30] Nsl-kdd data set for network based intrusion detection systems.” Available on: http://nsl.cs.unb.ca/KDD/NSL-KDD.html, November 2020.
[31] I. Sharafaldin, A. H. Lashkari, S. Hakak, and A. A. Ghorbani “Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy.” In International Carnahan Conference on Security Technology (ICCST), 2019, pp. 1-8.
_||_[1] S. Q. A. Shah , F. Z. Khan and M. Ahmad “The impact and mitigation of ICMP based economic denial of sustainability attack in cloud computing environment using software defined network.” Computer Networks, vol.187, pp.107825, 2021.
[2] M. Haddadi and R. Beghdad “A Confidence Interval Based Filtering Against DDoS Attack in Cloud Environment: A Confidence Interval Against DDoS Attack in the Cloud.” International Journal of Information Security and Privacy (IJISP), vol.14,no.4, pp.42-56, 2020.
[3] R. SaiSindhuTheja and G. K. Shyam “An efficient metaheuristic algorithm based feature selection and recurrent neural network for DoS attack detection in cloud computing environment.” Applied Soft Computing, vol.100, pp.106997, 2021.
[4] O. Osanaiye, K. K. R. Choo and M. Dlodlo “Distributed denial of service (DDoS) resilience in cloud: Review and conceptual cloud DDoS mitigation framework.” Journal of Network and Computer Applications, vol.67, pp.147-165, 2016.
[5] P. S. Bawa, S. U. Rehman and S. Manickam “Enhanced mechanism to detect and mitigate economic denial of sustainability (EDoS) attack in cloud computing environments.” Int. J. Adv. Comput. Sci. Appl, vol.8, no.9, pp.51-58, 2017.
[6] H. A. Kholidy, “Detecting impersonation attacks in cloud computing environments using a centric user profiling approach.” Future Generation Computer Systems, vol.117, pp.299-320, 2021.
[7] S. Subashini and V. Kavitha “A survey on security issues in service delivery models of cloud computing.” Journal of network and computer applications, vol.34, no.1, pp.1-11, 2011.
[8] N. Agrawal and S. Tapaswi “Defense mechanisms against DDoS attacks in a cloud computing environment: State-of-the-art and research challenges.” IEEE Communications Surveys & Tutorials, vol.21, no.4, pp.3769-3795, 2019.
[9] G. Somani., M. S. Gaur, D. Sanghi, M. Conti and R. Buyya “DDoS attacks in cloud computing: Issues, taxonomy, and future directions.” Computer Communications, vol.107, pp.30-48, 2017
[10] A. Praseed and P. S. Thilagam “DDoS attacks at the application layer: Challenges and research perspectives for safeguarding Web applications.” IEEE Communications Surveys & Tutorials, vol.21, no.1, pp. 661-685, 2018.
[11] G. Somani, M. S. Gaur, D. Sanghi, , M. Conti, M. Rajarajan and R. Buyya “Combating DDoS attacks in the cloud: requirements, trends, and future directions.” IEEE Cloud Computing, vol.4,no.1, pp.22-32, 2017.
[12] A. Shameli-Sendi, M. Pourzandi, M. Fekih-Ahmed and M. Cheriet “Taxonomy of distributed denial of service mitigation approaches for cloud computing.” Journal of Network and Computer Applications, vol.58, pp.165-179, 2015.
[13] S. T. Zargar, J. Joshi and D. Tipper “A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks.” IEEE communications surveys & tutorials, vol.15,no.4, pp.2046-2069, 2013.
[14] N. Agrawal and S. Tapaswi “A lightweight approach to detect the low/high rate IP spoofed cloud DDoS attacks.” in IEEE 7th International Symposium on Cloud and Service Computing (SC2),2017, pp. 118-123.
[15] G. I. Shidaganti, A. S. Inamdar, S. V. Rai and A. M. Rajeev “SCEF: A model for prevention of DDoS attacks from the cloud.” International Journal of Cloud Applications and Computing (IJCAC), vol.10, no.3,pp. 67-80, 2020.
[16] H. F. El-Sofany “A New Cybersecurity Approach for Protecting Cloud Services against DDoS Attacks.” International Journal of Intelligent Engineering and Systems, vol.13,no.2,pp. 205-215, 2020.
[17] A. Bhardwaj, V. Mangat, R. Vig, , S. Halder, and, M. Conti ”Distributed denial of service attacks in cloud: State-of-the-art of scientific and commercial solutions.” Computer Science Review, vol.39, pp.100332, 2021.
[18] A. Saied, R. E. Overill and T. Radzik “Detection of known and unknown DDoS attacks using Artificial Neural Networks.” Neurocomputing, vol.172, pp.385-393, 2016.
[19] S. Rastegari, P. Hingston and C. P. Lam “Evolving statistical rulesets for network intrusion detection.” Applied soft computing, vol.33, pp.348-359, 2015.
[20] N. K. Kanakarajan and, K. Muniasamy”Improving the accuracy of intrusion detection using gar-forest with feature selection.” In Proceedings of the 4th International Conference on Frontiers in Intelligent Computing: Theory and Applications (FICTA), 2015, pp. 539-547.
[21] B. Ingre and A. Yadav “Performance analysis of NSL-KDD dataset using ANN.” in international conference on signal processing and communication engineering systems,2015, pp. 92-96.
[22] S. M. H. Bamakan, H. Wang, T. Yingjie and Y. Shi “An effective intrusion detection framework based on MCLP/SVM optimized by time-varying chaos particle swarm optimization.” Neurocomputing, vol.199, pp.90-102, 2016.
[23] M. Ghalehgolabi and A. Rezaeipanah “Intrusion Detection System Using Genetic Algorithm and Data Mining Techniques Based on the Reduction.” International Journal of Computer Applications Technology and Research, vol.6,no.11, pp.461-466, 2017.
[24] C. Yang “Anomaly network traffic detection algorithm based on information entropy measurement under the cloud computing environment.” Cluster Computing, vol.22,no.4, pp.8309-8317, 2019.
[25], N. Agrawal, and, S. Tapaswi “An SDN-Assisted Defense Mechduanism for the Shrew DDoS Attack in a Cloud Computing Environment.” Journal of Network and Systems Management, vol.29,no.2, pp.1-28, 2021.
[26], A. Sharma, , C. Agrawal, , A. Singh, and, K. Kumar “Real-time DDoS detection bsed on entropy using Hadoop framework.” In Computing in Engineering and Technology,2020, pp. 297-305.
[27] K. B. Virupakshar, M. Asundi, K. Channal, P. Shettar, S. Patil, and D. G. Narayan, “Distributed denial of service (DDoS) attacks detection system for OpenStack-based private cloud”, Procedia Computer Science, vol.167, pp.2297-2307, 2020.
[28] A. B. Dehkordi, M. Soltanaghaei, and F. Z. Boroujeni, “The DDoS attacks detection through machine learning and statistical methods in SDN”. The Journal of Supercomputing, vol.77, no.3,pp. 2383-2415, 2021.
[29] D. Kshirsagar, and S. Kumar , “A feature reduction based reflected and exploited DDoS attacks detection system”, Journal of Ambient Intelligence and Humanized Computing,vol.13,no.3, pp.1-13, 2021.
[30] Nsl-kdd data set for network based intrusion detection systems.” Available on: http://nsl.cs.unb.ca/KDD/NSL-KDD.html, November 2020.
[31] I. Sharafaldin, A. H. Lashkari, S. Hakak, and A. A. Ghorbani “Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy.” In International Carnahan Conference on Security Technology (ICCST), 2019, pp. 1-8.