
On detecting distributed denial of service attacks using fuzzy inference system

Cluster Computing

Abstract

Attackers constantly target modern technologies and attempt to abuse them using different attack types, such as the distributed denial of service (DDoS) attack. Protecting web services is therefore not an easy task, and there is a critical demand to detect and prevent DDoS attacks. This paper introduces an anomaly-based intrusion detection system (IDS) built on a fuzzy inference system to detect DDoS attacks. The aim of using the fuzzy inference system is to avoid binary decisions and, at the same time, to avoid the issues associated with the deficiencies of IDS alert system awareness. This could improve the robustness of the IDS alert system and produce more readable and understandable IDS alerts. The proposed detection model was applied to a recent open-source DDoS dataset. At the early stage of designing the model, the dataset was preprocessed using the Info-gain feature selection algorithm so that only the relevant features are handled and the complexity of the fuzzy inference system is reduced. The proposed detection model was tested and evaluated, obtaining a 96.25% accuracy rate and a false-positive rate of 0.006%. Moreover, it effectively smooths the boundaries between normal and DDoS traffic. The results were also compared with other results in the literature, and the comparison indicated that the detection accuracy of this work is competitive with other methods. In addition, this work offers more elements of trust in DDoS attack detection by avoiding the binary decision and extending it to the continuous space; hence, the attack level can be easily measured.
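The following is an added example, not code from the paper: a small Mamdani-style fuzzy inference sketch showing how a continuous attack level differs from a binary threshold alert. The two normalized features (`pkt_rate`, `syn_ratio`), the triangular fuzzy sets and the rule table are all assumptions made for illustration, since the abstract does not list the paper's features or rules.

```python
# Added illustration: the features, fuzzy-set breakpoints and rule table below
# are assumptions, not the paper's model or dataset.
SETS = {"low": (0.0, 0.0, 0.5), "medium": (0.0, 0.5, 1.0), "high": (0.5, 1.0, 1.0)}

# (packet-rate label, SYN-ratio label) -> attack-level label
RULES = {
    ("low", "low"): "low", ("low", "medium"): "low", ("low", "high"): "medium",
    ("medium", "low"): "low", ("medium", "medium"): "medium", ("medium", "high"): "high",
    ("high", "low"): "medium", ("high", "medium"): "high", ("high", "high"): "high",
}

def tri(x, a, b, c):
    """Triangular membership with feet a and c and peak b (a <= b <= c)."""
    if x == b:
        return 1.0
    if x <= a or x >= c:
        return 0.0
    return (x - a) / (b - a) if x < b else (c - x) / (c - b)

def fuzzify(x):
    """Map a normalized feature in [0, 1] to its degree in each fuzzy set."""
    x = min(max(x, 0.0), 1.0)
    return {name: tri(x, *abc) for name, abc in SETS.items()}

def attack_level(pkt_rate, syn_ratio, steps=100):
    """Min for AND, max for aggregation, centroid defuzzification."""
    mu_rate, mu_syn = fuzzify(pkt_rate), fuzzify(syn_ratio)
    strength = dict.fromkeys(SETS, 0.0)
    for (r, s), out in RULES.items():
        strength[out] = max(strength[out], min(mu_rate[r], mu_syn[s]))
    num = den = 0.0
    for i in range(steps + 1):
        y = i / steps
        # Clip each output set at its rule strength, then take the envelope.
        mu = max(min(strength[k], tri(y, *SETS[k])) for k in SETS)
        num += y * mu
        den += mu
    return num / den if den else 0.0

def binary_alert(pkt_rate, syn_ratio, threshold=0.5):
    """Crisp baseline: alert only when both features exceed the threshold."""
    return pkt_rate > threshold and syn_ratio > threshold

if __name__ == "__main__":
    # Constructed sample points straddling the crisp threshold.
    for r, s in [(0.1, 0.1), (0.49, 0.49), (0.51, 0.51), (0.9, 0.9)]:
        print(r, s, binary_alert(r, s), round(attack_level(r, s), 3))
```

Near the threshold the crisp baseline flips from no alert to alert, while the fuzzy attack level moves only slightly, which is the boundary smoothing the abstract describes.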


Data availability

Manuscript has no associated data.


Funding

No funds, grants, or other support was received.

Author information

Contributions

All authors have contributed equally to the work.

Corresponding author

Correspondence to Mohammad Almseidin.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical approval

Not applicable.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.


About this article


Cite this article

Almseidin, M., Al-Sawwa, J., Alkasassbeh, M. et al. On detecting distributed denial of service attacks using fuzzy inference system. Cluster Comput 26, 1337–1351 (2023). https://doi.org/10.1007/s10586-022-03657-5


  • DOI: https://doi.org/10.1007/s10586-022-03657-5
