Prevention and detection of denial of service attacks using random forest and decision tree algorithms
Seyedebrahim Dashti 1 *, Hadis Farajpor 2
1 - Department of Computer Engineering, Jahrom Branch, Islamic Azad University
2 - Department of Electrical and Computer Engineering, Shiraz Branch, Islamic Azad University
Keywords: Distributed denial of service, intrusion prevention system, machine learning, cloud computing, random forest, decision tree
Abstract:
Cloud computing has ushered in a new era of innovation with incredible scalability and accessibility. Consumers who subscribe to a cloud-based service have unlimited access to applications and technology. In addition to reducing prices, this concept has increased the reliability and availability of resources. Cloud-based programs are available on demand from anywhere in the world at low cost, and this unlimited access brings many opportunities and challenges. Although cloud computing faces security concerns, it has thrived due to its incredibly instant services. Among the important challenges is the increase in Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, which has increased the demand for effective defense mechanisms. Detection of such anomalies in a computer network is usually done through network-based intrusion detection and prevention systems (NIDPS). Although NIDPSs allow for the detection of all known attacks, they are not immune to persistent changes in anomalies over time. Machine learning provides algorithms that, due to continuous evolution, can effectively reduce cyber threats by detecting new anomalies. DoS and DDoS attacks are among the most important security threats in computer networks. These attacks can significantly disrupt access to services and lead to loss of revenue and reputation. Detection and prevention of these attacks are of particular importance. The proposed random forest and decision tree algorithms are among the efficient machine learning techniques that can be used to detect and prevent denial of service attacks, and the results confirm the effectiveness of the proposed method.