HIGH-SPEED NETWORK DDOS ATTACK DETECTION: A SURVEY

Authors

Keywords:

denial of service, distributed denial of service, cyber-physical system, machine learning, high-speed network, intrusion detection system, express data path

Abstract

A large number of connected devices gives attackers multiple ways to attack a network. This situation can lead to distributed denial-of-service (DDoS) attacks, which can cause fiscal harm and corrupt data. Thus, detecting irregularities in traffic data is crucial for identifying malicious behavior in a network, which is essential for network security and the integrity of modern Cyber–Physical Systems (CPS). Nevertheless, studies have shown that current techniques are ineffective at detecting DDoS attacks on networks, especially high-speed networks (HSN), where detection is very complex due to their fast packet processing. This review studies and compares different approaches to detecting DDoS attacks: machine learning (ML) techniques such as k-means, K-Nearest Neighbors (KNN), and Naive Bayes (NB), as used in intrusion detection systems (IDSs) and flow-based IDSs, and the express data path for packet filtering for HSN performance. The review highlights the accuracy evaluation factors for high-speed networks, provides a detailed DDoS attack taxonomy, and classifies detection techniques. Moreover, the existing literature is examined through a qualitative analysis with respect to the factors extracted from the presented taxonomy of irregular traffic pattern detection.

Published

2024-09-27

How to Cite

[1]
Savchenko, V., Ponochovnyi, P. and Averichev, I. 2024. HIGH-SPEED NETWORK DDOS ATTACK DETECTION: A SURVEY. Applied Problems of Computer Science, Security and Mathematics. 3 (Sep. 2024), 71–81.