E-Had: A distributed and collaborative detection framework for early detection of DDoS attacks
Saved in:
| Title: | E-Had: A distributed and collaborative detection framework for early detection of DDoS attacks |
|---|---|
| Authors: | Krishan Kumar, C. Rama Krishna, Sunny Behal, Nilesh Vishwasrao Patil |
| Source: | Journal of King Saud University: Computer and Information Sciences, Vol 34, Iss 4, Pp 1373-1387 (2022) |
| Publisher Information: | Springer Science and Business Media LLC, 2022. |
| Publication Year: | 2022 |
| Subject Terms: | DDoS attack, Entropy, Electronic computers. Computer science, Apache Hadoop, 0202 electrical engineering, electronic engineering, information engineering, DoS attack, MapReduce, Hadoop Distributed File System (HDFS), QA75.5-76.95, 02 engineering and technology |
| Description: | During the past few years, the traffic volume of legitimate traffic and attack traffic has increased manifolds up to Terabytes per second (Tbps). Because of the processing of such a huge traffic volume, it has become implausible to detect high rate attacks in time using conventional DDoS defense architectures. At present, the majority of the DDoS defense systems are deployed predominantly at the victim-end domain But these victim-end defense systems themselves are vulnerable to HR-DDoS attacks as the mammoth volume of attack traffic is generated by such type of attacks. The insufficient computational resources further make the problem more crucial at the victim-end. This paper proposed a distributed and collaborative architecture called E-Had that is capable of efficiently processing a large amount of data by distributing it among a number of mappers and reducers in a Hadoop based cluster. The proposed E-Had system has been comprehensively validated using various publicly available benchmarked datasets and real datasets generated in HA-DDoS testbed in terms of various detection system evaluation metrics. The experimental results clearly show that the proposed detection system is capable of early detection of different scenarios of DDoS attacks along with differentiating them from flash crowds. |
| Document Type: | Article |
| Language: | English |
| ISSN: | 1319-1578 |
| DOI: | 10.1016/j.jksuci.2019.06.016 |
| Access URL: | https://doaj.org/article/2f73098e38f04b9bbfef27723b53d78c https://www.sciencedirect.com/science/article/pii/S1319157819304641 https://www.sciencedirect.com/science/article/abs/pii/S1319157819304641 |
| Rights: | CC BY NC ND |
| Accession Number: | edsair.doi.dedup.....59da9a614fc3a72f140a0ddc7f49a10c |
| Database: | OpenAIRE |
Full Text Finder 
Nájsť tento článok vo Web of Science | Abstract: | During the past few years, the traffic volume of legitimate traffic and attack traffic has increased manifolds up to Terabytes per second (Tbps). Because of the processing of such a huge traffic volume, it has become implausible to detect high rate attacks in time using conventional DDoS defense architectures. At present, the majority of the DDoS defense systems are deployed predominantly at the victim-end domain But these victim-end defense systems themselves are vulnerable to HR-DDoS attacks as the mammoth volume of attack traffic is generated by such type of attacks. The insufficient computational resources further make the problem more crucial at the victim-end. This paper proposed a distributed and collaborative architecture called E-Had that is capable of efficiently processing a large amount of data by distributing it among a number of mappers and reducers in a Hadoop based cluster. The proposed E-Had system has been comprehensively validated using various publicly available benchmarked datasets and real datasets generated in HA-DDoS testbed in terms of various detection system evaluation metrics. The experimental results clearly show that the proposed detection system is capable of early detection of different scenarios of DDoS attacks along with differentiating them from flash crowds. |
|---|---|
| ISSN: | 13191578 |
| DOI: | 10.1016/j.jksuci.2019.06.016 |