E-Had: A distributed and collaborative detection framework for early detection of DDoS attacks

Detailed bibliography
Title: E-Had: A distributed and collaborative detection framework for early detection of DDoS attacks
Authors: Krishan Kumar, C. Rama Krishna, Sunny Behal, Nilesh Vishwasrao Patil
Source: Journal of King Saud University: Computer and Information Sciences, Vol 34, Iss 4, Pp 1373-1387 (2022)
Publisher information: Springer Science and Business Media LLC, 2022.
Year of publication: 2022
Subjects: DDoS attack, Entropy, Electronic computers. Computer science, Apache Hadoop, 0202 electrical engineering, electronic engineering, information engineering, DoS attack, MapReduce, Hadoop Distributed File System (HDFS), QA75.5-76.95, 02 engineering and technology
Description: During the past few years, the traffic volume of legitimate traffic and attack traffic has increased manifold, up to terabytes per second (Tbps). Because of the processing of such a huge traffic volume, it has become implausible to detect high-rate attacks in time using conventional DDoS defense architectures. At present, the majority of DDoS defense systems are deployed predominantly at the victim-end domain. But these victim-end defense systems are themselves vulnerable to HR-DDoS attacks, as a mammoth volume of attack traffic is generated by such types of attacks. Insufficient computational resources make the problem even more critical at the victim end. This paper proposes a distributed and collaborative architecture called E-Had that is capable of efficiently processing a large amount of data by distributing it among a number of mappers and reducers in a Hadoop-based cluster. The proposed E-Had system has been comprehensively validated using various publicly available benchmark datasets and real datasets generated in the HA-DDoS testbed, in terms of various detection system evaluation metrics. The experimental results clearly show that the proposed detection system is capable of early detection of different scenarios of DDoS attacks, along with differentiating them from flash crowds.
Document type: Article
Language: English
ISSN: 1319-1578
DOI: 10.1016/j.jksuci.2019.06.016
Access URL: https://doaj.org/article/2f73098e38f04b9bbfef27723b53d78c
https://www.sciencedirect.com/science/article/pii/S1319157819304641
https://www.sciencedirect.com/science/article/abs/pii/S1319157819304641
Rights: CC BY NC ND
Accession number: edsair.doi.dedup.....59da9a614fc3a72f140a0ddc7f49a10c
Database: OpenAIRE