A Flow is a Stream of Packets: A Stream-Structured Data Approach for DDoS Detection

Future Generation Computer Systems

Mobile edge computing, fog et al.: A survey and analysis of security threats and challenges

R. Roman, J. Lopez, M. Mambo

Published: 2018

IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C)

10 years of IoT malware: A feature-based taxonomy

B. Vignau, R. Khoury, S. Halle

Published: 2019

IEEE Wireless Communications

Security in mobile edge caching with reinforcement learning

L. Xiao, X. Wan, C. Dai, X. Du, X. Chen, M. Guizani

Published: 2018

26th USENIX security symposium (USENIX Security 17)

Understanding the mirai botnet

M. Antonakakis, T. April, M. Bailey, M. Bernhard, E. Bursztein, J. Cochran, Z. Durumeric, J. A. Halderman, L. Invernizzi, M. Kallitsis

Published: 2017

E3S Web of Conferences

A survey of DDOS attacks using machine learning techniques

M. Arshi, M. Nasreen, K. Madhavi

Published: 2020

IEEE communications surveys & tutorials

A survey of machine and deep learning methods for internet of things (IoT) security

Mohammed Ali Al-Garadi, Amr Mohamed, Abdulla Khalid Al-Ali, Xiaojiang Du, Ihsan Ali, Mohsen Guizani

Published: 2020

Soft Computing

Deep learning approaches for detecting DDoS attacks: a systematic review

M. Mittal, K. Kumar, S. Behal

Published: 2022

Proceedings of the 13th USENIX Conference on System Administration

Snort - lightweight intrusion detection for networks

M. Roesch

Published: 1999

IEEE Military Communications Conference (MILCOM)

Characterizing the effectiveness of network-based intrusion detection systems

E. Ficke, K. M. Schweitzer, R. M. Bateman, S. Xu

Published: 2018

Computers & Security

Flow-based intrusion detection: Techniques and challenges

M. F. Umer, M. Sher, Y. Bi

Published: 2017

IEEE communications surveys & tutorials

An overview of IP flow-based intrusion detection

A. Sperotto, G. Schaffrath, R. Sadre, C. Morariu, A. Pras, B. Stiller

Published: 2010

12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops

Flow-based intrusion detection

A. Sperotto, A. Pras

Published: 2011

Arabian Journal for Science and Engineering

Flow-based IDS for ICMPv6-based DDoS attacks detection

O. E. Elejla, M. Anbar, B. Belaton, B. O. Alijla

Published: 2018

Computer Networks

Slow denial-of-service attacks on software defined networks

T. A. Pascoal, I. E. Fonseca, V. Nigam

Published: 2020

Proceedings of the 38th International Conference on Machine Learning

Trees with attention for set prediction tasks

R. Hirsch, R. Gilad-Bachrach

Published: 2021

IEEE Communications Magazine

Deep learning: the frontier for distributed attack detection in fog-to-things computing

A. Abeshu, N. Chilamkurti

Published: 2018

Proceedings - International Carnahan Conference on Security Technology

Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy

I. Sharafaldin, A. H. Lashkari, S. Hakak, A. A. Ghorbani

Published: 2019

University of Victoria

Network intrusion detection for distributed denial-of-service (DDoS) attacks using machine learning classification techniques

Y. S. Hussain

Published: 2020

Security and Communication Networks

Towards effective detection of recent DDoS attacks: A deep learning approach

I. Ortet Lopes, D. Zou, F. A. Ruambo, S. Akbar, B. Yuan

Published: 2021

2020 IEEE 21st International Symposium on” A World of Wireless, Mobile and Multimedia Networks”(WoWMoM)

Ddosnet: A deep-learning model for detecting network attacks

M. S. Elsayed, N.-A. Le-Khac, S. Dev, A. D. Jurcut

Published: 2020

IEEE Access

RTVD: A real-time volumetric detection scheme for DDoS in the internet of things

J. Li, M. Liu, Z. Xue, X. Fan, X. He

Published: 2020

IEEE Access

Long short-term memory and fuzzy logic for anomaly detection and mitigation in software-defined network environment

M. P. Novaes, L. F. Carvalho, J. Lloret, M. L. Proenca

Published: 2020

IEEE Internet of Things Journal

Flowguard: an intelligent edge defense mechanism against IoT DDoS attacks

Y. Jia, F. Zhong, A. Alrawais, B. Gong, X. Cheng

Published: 2020

IEEE Access

Towards effective network intrusion detection: from concept to creation on azure cloud

S. Rajagopal, P. P. Kundapur, K. Hareesha

Published: 2021

International Journal of Machine Learning and Cybernetics

DDoS detection in 5G-enabled IoT networks using deep Kalman backpropagation neural network

M. Almiani, A. AbuGhazleh, Y. Jararweh, A. Razaque

Published: 2021

Computers & Electrical Engineering

Near real-time security system applied to sdn environments in iot networks using convolutional neural network

M. V. de Assis, L. F. Carvalho, J. J. Rodrigues, J. Lloret, M. L. Proenc¸a Jr

Published: 2020

9th annual computing and communication workshop and conference (CCWC)

Deep learning models for cyber security in IoT networks

M. Roopak, G. Y. Tian, J. Chambers

Published: 2019

IEEE Transactions on Network and Service Management

LUCID: A practical, lightweight deep learning solution for DDoS attack detection

R. Doriguzzi-Corin, S. Millar, S. Scott-Hayward, J. Martinez-del Rincon, D. Siracusa

Published: 2020

Science of Cyber Security: 4th International Conference, SciSec 2022

An intrusion detection system based on deep belief networks

O. Belarbi, A. Khan, P. Carnelli, T. Spyridopoulos

Published: 2022

Proceedings DARPA information survivability conference and exposition

Statistical approaches to DDoS attack detection and response

L. Feinstein, D. Schnackenberg, R. Balupari, D. Kindred

Published: 2003

Computers & Electrical Engineering

A practical approach to detection of distributed denial-of-service attacks using a hybrid detection method

P. Bojovic, I. Ba ´ siˇ cevi ˇ c, S. Ocovaj, M. Popovi ´ c

Published: 2019

2011 Third International Conference on Advanced Computing

Detection of DDoS attacks using enhanced support vector machines with real time generated dataset

T. Subbulakshmi, K. BalaKrishnan, S. M. Shalinie, D. AnandKumar, V. GanapathiSubramanian, K. Kannathal

Published: 2011

Next generation data mining

Minds-minnesota intrusion detection system

L. Ertoz, E. Eilertson, A. Lazarevic, P.-N. Tan, V. Kumar, J. Srivastava, P. Dokas

Published: 2004

USENIX Security Symposium

Frequent episode rules for intrusive anomaly detection with internet datamining

M. Qin, K. Hwang

Published: 2004

Procedia computer science

Detection of dns ddos attacks with random forest algorithm on spark

L. Chen, Y. Zhang, Q. Zhao, G. Geng, Z. Yan

Published: 2018

IEEE international conference on big data and smart computing (bigcomp)

Xgboost classifier for ddos attack detection and analysis in sdn-based cloud

Z. Chen, F. Jiang, Y. Cheng, X. Gu, W. Liu, J. Peng

Published: 2018

arxiv

Cited by 1

IEEE Symposium on Security and Privacy Workshops

Machine Learning DDoS Detection for Consumer Internet of Things Devices

Rohan Doshi, Noah Apthorpe, Nick Feamster

Published: 4.12.2018

An increasing number of Internet of Things (IoT) devices are connecting to the Internet, yet many of these devices are fundamentally insecure, exposing the Internet to a variety of attacks. Botnets such as Mirai have used insecure consumer IoT devices to conduct distributed denial of service (DDoS) attacks on critical Internet infrastructure. This motivates the development of new techniques to automatically detect consumer IoT attack traffic. In this paper, we demonstrate that using IoT-specific network behaviors (e.g. limited number of endpoints and regular time intervals between packets) to inform feature selection can result in high accuracy DDoS detection in IoT network traffic with a variety of machine learning algorithms, including neural networks. These results indicate that home gateway routers or other network middleboxes could automatically detect local IoT device sources of DDoS attacks using low-cost machine learning algorithms and traffic data that is flow-based and protocol-agnostic.

Anomaly Detection Method Model DoS IoT Threat Detection in Home Routers

hping3(8) - linux man page

S. Sanfilippo

Published: 2022

ICISSp

Toward generating a new intrusion detection dataset and intrusion traffic characterization

Iman Sharafaldin, Arash Habibi Lashkari, Ali A Ghorbani

Published: 2018

The CAIDA UCSD “DDoS Attack 2007” dataset

CAIDA

Published: 2007

DARPA 2000 intrusion detection scenario specific data sets

DARPA

Published: 2000

2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications

Analysis of the 1999 DARPA/Lincoln laboratory IDS evaluation data with netadhict

C. Brown, A. Cowperthwaite, A. Hijazi, A. Somayaji

Published: 2009

Emerging Research in Computing, Information, Communication and Applications

An approach of DDoS attack detection using classifiers

K. J. Singh, T. De

Published: 2015

IEEE transactions on parallel and distributed systems

Discriminating DDoS attacks from flash crowds using flow correlation coefficient

S. Yu, W. Zhou, W. Jia, S. Guo, Y. Xiang, F. Tang

Published: 2011

IEEE Transactions on Network and Service Management

A novel multi-stage approach for hierarchical intrusion detection

M. Verkerken, L. D’hooge, D. Sudyana, Y.-D. Lin, T. Wauters, B. Volckaert, F. De Turck

Published: 2023

ACM SIGCOMM Computer Communication Review

Traffic classification on the fly

L. Bernaille, R. Teixeira, I. Akodkenou, A. Soule, K. Salamatian

Published: 2006

IEEE GLOBECOM 2008-2008 IEEE Global Telecommunications Conference

Real-time p2p traffic identification

J. Li, S. Zhang, Y. Lu, J. Yan

Published: 2008

J. Softw.

Realtime encrypted traffic identification using machine learning

C. Gu, S. Zhang, Y. Sun

Published: 2011

2017 2nd IEEE International Conference on Computational Intelligence and Applications (ICCIA)

A novel algorithm for encrypted traffic classification based on sliding window of flow’s first n packets

Y. Liu, J. Chen, P. Chang, X. Yun

Published: 2017

Advances in Neural Information Processing Systems

Why do tree-based models still outperform deep learning on typical tabular data?

L. Grinsztajn, E. Oyallon, G. Varoquaux

Published: 2022

Netflow version 9 flow-record format

USENIX Security Symposium

Dos and Don'ts of Machine Learning in Computer Security

Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro, Konrad Rieck

Published: 10.19.2020

With the growing processing power of computing systems and the increasing availability of massive datasets, machine learning algorithms have led to major breakthroughs in many different areas. This development has influenced computer security, spawning a series of work on learning-based security systems, such as for malware detection, vulnerability discovery, and binary code analysis. Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance and render learning-based systems potentially unsuitable for security tasks and practical deployment. In this paper, we look at this problem with critical eyes. First, we identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We conduct a study of 30 papers from top-tier security conferences within the past 10 years, confirming that these pitfalls are widespread in the current security literature. In an empirical analysis, we further demonstrate how individual pitfalls can lead to unrealistic performance and interpretations, obstructing the understanding of the security problem at hand. As a remedy, we propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible. Furthermore, we identify open problems when applying machine learning in security and provide directions for further research.

Dataset evaluation Bias Spurious Correlation

In: 2019 15th International Conference on Distributed Computing in Sensor Systems (DCOSS), IEEE

A novel hierarchical intrusion detection system based on decision tree and rules-based models

Ahmim A, Maglaras L, Ferrag MA

Published: 2019