Graph-based fuzzy approach against DDoS attacks

被引：0

作者：

Ates, Cagatay ^{[1
]}

Ozdel, Suleyman ^{[1
]}

Anarim, Emin ^{[1
]}

机构：

[1] Bogazici Univ, Dept Elect & Elect Engn, Istanbul, Turkey

来源：

JOURNAL OF INTELLIGENT & FUZZY SYSTEMS | 2020年 / 39卷 / 05期

关键词：

Graph theory; fuzzy logic; DDoS attacks; entropy; intrusion detection; SERVICE ATTACKS;

D O I：

10.3233/JIFS-189099

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

While internet technologies have been evolving day by day, threats against them have been increasing with the same pace. One of the most serious and commonly executed attack type is Distributed Denial of Service (DDoS) attacks. Despite there are many security mechanisms against this type of attack, there is still need for new solutions due to the occurred DDoS attacks worldwide. In this work, a DDoS attack detection approach based on fuzzy logic and entropy is proposed. Network is modelled as a graph and graph-based features are used for discriminating attack traffic from attack-free traffic. Fuzzy-c-means clustering is applied based on these features in order to show the tendencies of IP addresses or port numbers to be in a same cluster or not. Based on this uncertainty, attack and attack-free traffic are modelled. In detection phase, fuzzy membership function is used. This algorithm is tested on the real data collected from Bogazici University network.

引用

页码：6315 / 6324

页数：10

共 50 条

[1] Practical Attacks Against Graph-based Clustering
Chen, Yizheng
Nadji, Yacin
Kountouras, Athanasios
Monrose, Fabian
Perdisci, Roberto
Antonakakis, Manos
Vasiloglou, Nikolaos
[J]. CCS'17: PROCEEDINGS OF THE 2017 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2017, : 1125 - 1142
[2] Optimizing detection of malware attacks through Graph-based approach
Muthumanickam, K.
Ilavarasan, E.
[J]. 2017 INTERNATIONAL CONFERENCE ON TECHNICAL ADVANCEMENTS IN COMPUTERS AND COMMUNICATIONS (ICTACC), 2017, : 87 - 91
[3] An Adaptive Approach for Defending against DDoS Attacks
Li, Muhai
Li, Ming
[J]. MATHEMATICAL PROBLEMS IN ENGINEERING, 2010, 2010
[4] An Approach of DNS Protection Against DDoS Attacks
Georgiev, Ivan
Nikolova, Kamelia
[J]. 2017 13TH INTERNATIONAL CONFERENCE ON ADVANCED TECHNOLOGIES, SYSTEMS AND SERVICES IN TELECOMMUNICATIONS (TELSIKS), 2017, : 140 - 143
[5] Research on An Effective Approach against DDoS Attacks
Zeng Xiao-hui
Peng Xuan-ge
Li Man-hua
Xu Hong-qi
Jin Shi-yao
[J]. 2009 INTERNATIONAL CONFERENCE ON RESEARCH CHALLENGES IN COMPUTER SCIENCE, ICRCCS 2009, 2009, : 21 - +
[6] An SDN-based Approach For Defending Against Reflective DDoS Attacks
Lukaseder, Thomas
StOlzle, Kevin
Kleber, Stephan
Erb, Benjamin
Kargl, Frank
[J]. PROCEEDINGS OF THE 2018 IEEE 43RD CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN), 2018, : 299 - 302
[7] Protection Against Graph-Based False Data Injection Attacks on Power Systems
Morgenstern, Gal
Kim, Jip
Anderson, James
Zussman, Gil
Routtenberg, Tirza
[J]. IEEE Transactions on Control of Network Systems, 2024, 11 (04): : 1924 - 1936
[8] Poisoning Attacks to Graph-Based Recommender Systems
Fang, Minghong
Yang, Guolei
Gong, Neil Zhenqiang
Liu, Jia
[J]. 34TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE (ACSAC 2018), 2018, : 381 - 392
[9] Graph-based improvement of edit distance attacks
Caballero-Gil, P.
Fuster-Sabater, A.
[J]. COMPUTATIONAL METHODS IN SCIENCE AND ENGINEERING VOL 1: THEORY AND COMPUTATION: OLD PROBLEMS AND NEW CHALLENGES, 2007, 963 : 627 - +
[10] Secure consensus of multiagent systems with DoS attacks via a graph-based approach
Du, Shengli
Wang, Yuee
Dong, Lijing
Li, Xiaoli
[J]. INFORMATION SCIENCES, 2021, 570 : 94 - 104

← 1 2 3 4 5 →