Um Sistema Autônomo para a Predição de Ataques de DDoS em Redes Locais e Internet
Resumo
Diante da constante evolução dos ataques de negação de serviço distribuído (DDoS), torna-se necessário o desenvolvimento de técnicas de predição para confrontar essas ameaças. A dissimulação dos ataques e o alto volume de tráfego de rede dificultam o seu reconhecimento. Portanto é importante identificar a preparação dos ataques para aumentar o tempo hábil de combatê-los. Este artigo apresenta um sistema autoadaptativo para a predição dos ataques DDoS. O sistema define automaticamente a melhor configuração da rede neural para distinguir a preparação do ataque DDoS do tráfego normal. Os resultados indicam que o sistema consegue predizer um ataque DDoS em 29 minutos antes do seu início com acurácia superior à literatura (97,89%).
Referências
Ali, M. Q. and Al-Shaer, E. (2013). Configuration-based IDS for advanced metering infrastructure. In SIGSAC, page 451–462, USA. ACM.
Anuar, S., Ahmad, N. A., Sahibuddin, S., Ariffin, A., Saupi, A., Zamani, N. A., Jeffry, Y., and Efendy, F. (2018). Modeling malware prediction using artificial neural network. In SOMET, volume 303, pages 240–248, SPAIN. IOS Press.
Arp, D., Quiring, E., Pendlebury, F., Warnecke, A., Pierazzi, F., Wressnegger, C., Cavallaro, L., and Rieck, K. (2020). Dos and donts of machine learning in computer security.
Bedeian, A. G. and Mossholder, K. W. (2000). On the use of the coefficient of variation as a measure of diversity. ORM, 3(3):285–297.
Bury, T. M., Bauch, C. T., and Anand, M. (2020). Detecting and distinguishing tipping points using spectral early warning signals. J. R. Soc., 17(170).
Bury, T. M., Sujith, R. I., Pavithran, I., Scheffer, M., Lenton, T. M., Anand, M., and Bauch, C. T. (2021). Deep learning for early warning signals of tipping points. PNAS, 118(39).
Carpenter, S. R. and Brock, W. A. (2006). Rising variance: a leading indicator of ecological transition. Ecology Letters, 9(3):311–318.
Dakos, V., Carpenter, S. R., Brock, W. A., Ellison, A. M., Guttal, V., Ives, A. R., Kéfi, S., Livina, V., Seekell, D. A., van Nes, E. H., and Scheffer, M. (2012). Methods for detecting early warnings of critical transitions in time series illustrated using simulated ecological data. PLOS ONE, 7(7):1–20.
Feng, Y., Akiyama, H., Lu, L., and Sakurai, K. (2018). Feature selection for machine learning-based early detection of distributed cyber attacks. In DASC, pages 173–180, Greece. IEEE.
Feurer, M., Klein, A., Eggensperger, K., Springenberg, J. T., Blum, M., and Hutter, F. (2015). Efficient and robust automated machine learning. In NIPS, page 2755–2763, USA. MIT Press.
Garcia, S., Grill, M., Stiborek, J., and Zunino, A. (2014). An empirical comparison of botnet detection methods. Computers & Security, 45:100–123.
Horsanali, E., Yigit, Y., Secinti, G., Karameseoglu, A., and Canberk, B. (2021). Network-aware AutoML framework for software-defined sensor networks. In DCOSS, pages 451–457. IEEE.
Ioulianou, P., Vasilakis, V., and Shahandashti, S. F. (2022). ML-based detection of blackhole and rank attacks in RPL networks.
Jaber, A. N., Zolkipli, M. F., Majid, M. A., and Anwar, S. (2017). Methods for preventing distributed denial of service attacks in cloud computing. Advanced Science Letters, 23(6):5282–5285.
Jin, H., Song, Q., and Hu, X. (2019). Auto-keras: An efficient neural architecture search system. In ACM SIGKDD, pages 1946–1956. ACM.
Jyoti, N. and Behal, S. (2021). A meta-evaluation of machine learning techniques for detection of DDoS attacks. In INDIACom, pages 522–526, New Delhi, India. IEEE.
Lakshmanan, R. (2023). Massive HTTP DDoS attack hits record high of 71 million requests/second. [link].
Lam, J. and Abbas, R. (2020). Machine learning based anomaly detection for 5G networks. arXiv, -(-):12.
Machaka, P., Ajayi, O., Maluleke, H., Kahenga, F., Bagula, A., and Kyamakya, K. (2021). Modelling DDoS attacks in IoT networks using machine learning.
Nguyen, H., Tran, K., Thomassey, S., and Hamad, M. (2021). Forecasting and anomaly detection approaches using LSTM and LSTM Autoencoder techniques with the applications in supply chain management. IJIM, 57:1–38.
Rahal, B. M., Santos, A., and Nogueira, M. (2020). A distributed architecture for DDoS prediction and bot detection. IEEE Access, 8:159756–159772.
Santos, L. A. F., Campiolo, R., Gerosa, M. A., and Batista, D. M. (2013). Extração de alertas de segurança postados em mensagens de redes sociais. In SBRC, pages 791–804, Brasil.
Sharafaldin, I., Lashkari, A. H., Hakak, S., and Ghorbani, A. A. (2019). Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy. In ICCST.
Silva, G. M., Neira, A., and Nogueira, M. (2022). Aprendizado profundo para a predição de ataques de negação de serviço distribuído. In SBRC, pages 475–488, Brasil. SBC.
Staudemeyer, R. C. and Morris, E. R. (2019). Understanding LSTM a tutorial into long short-term memory recurrent neural networks. CoRR, abs/1909.09586.
Anuar, S., Ahmad, N. A., Sahibuddin, S., Ariffin, A., Saupi, A., Zamani, N. A., Jeffry, Y., and Efendy, F. (2018). Modeling malware prediction using artificial neural network. In SOMET, volume 303, pages 240–248, SPAIN. IOS Press.
Arp, D., Quiring, E., Pendlebury, F., Warnecke, A., Pierazzi, F., Wressnegger, C., Cavallaro, L., and Rieck, K. (2020). Dos and donts of machine learning in computer security.
Bedeian, A. G. and Mossholder, K. W. (2000). On the use of the coefficient of variation as a measure of diversity. ORM, 3(3):285–297.
Bury, T. M., Bauch, C. T., and Anand, M. (2020). Detecting and distinguishing tipping points using spectral early warning signals. J. R. Soc., 17(170).
Bury, T. M., Sujith, R. I., Pavithran, I., Scheffer, M., Lenton, T. M., Anand, M., and Bauch, C. T. (2021). Deep learning for early warning signals of tipping points. PNAS, 118(39).
Carpenter, S. R. and Brock, W. A. (2006). Rising variance: a leading indicator of ecological transition. Ecology Letters, 9(3):311–318.
Dakos, V., Carpenter, S. R., Brock, W. A., Ellison, A. M., Guttal, V., Ives, A. R., Kéfi, S., Livina, V., Seekell, D. A., van Nes, E. H., and Scheffer, M. (2012). Methods for detecting early warnings of critical transitions in time series illustrated using simulated ecological data. PLOS ONE, 7(7):1–20.
Feng, Y., Akiyama, H., Lu, L., and Sakurai, K. (2018). Feature selection for machine learning-based early detection of distributed cyber attacks. In DASC, pages 173–180, Greece. IEEE.
Feurer, M., Klein, A., Eggensperger, K., Springenberg, J. T., Blum, M., and Hutter, F. (2015). Efficient and robust automated machine learning. In NIPS, page 2755–2763, USA. MIT Press.
Garcia, S., Grill, M., Stiborek, J., and Zunino, A. (2014). An empirical comparison of botnet detection methods. Computers & Security, 45:100–123.
Horsanali, E., Yigit, Y., Secinti, G., Karameseoglu, A., and Canberk, B. (2021). Network-aware AutoML framework for software-defined sensor networks. In DCOSS, pages 451–457. IEEE.
Ioulianou, P., Vasilakis, V., and Shahandashti, S. F. (2022). ML-based detection of blackhole and rank attacks in RPL networks.
Jaber, A. N., Zolkipli, M. F., Majid, M. A., and Anwar, S. (2017). Methods for preventing distributed denial of service attacks in cloud computing. Advanced Science Letters, 23(6):5282–5285.
Jin, H., Song, Q., and Hu, X. (2019). Auto-keras: An efficient neural architecture search system. In ACM SIGKDD, pages 1946–1956. ACM.
Jyoti, N. and Behal, S. (2021). A meta-evaluation of machine learning techniques for detection of DDoS attacks. In INDIACom, pages 522–526, New Delhi, India. IEEE.
Lakshmanan, R. (2023). Massive HTTP DDoS attack hits record high of 71 million requests/second. [link].
Lam, J. and Abbas, R. (2020). Machine learning based anomaly detection for 5G networks. arXiv, -(-):12.
Machaka, P., Ajayi, O., Maluleke, H., Kahenga, F., Bagula, A., and Kyamakya, K. (2021). Modelling DDoS attacks in IoT networks using machine learning.
Nguyen, H., Tran, K., Thomassey, S., and Hamad, M. (2021). Forecasting and anomaly detection approaches using LSTM and LSTM Autoencoder techniques with the applications in supply chain management. IJIM, 57:1–38.
Rahal, B. M., Santos, A., and Nogueira, M. (2020). A distributed architecture for DDoS prediction and bot detection. IEEE Access, 8:159756–159772.
Santos, L. A. F., Campiolo, R., Gerosa, M. A., and Batista, D. M. (2013). Extração de alertas de segurança postados em mensagens de redes sociais. In SBRC, pages 791–804, Brasil.
Sharafaldin, I., Lashkari, A. H., Hakak, S., and Ghorbani, A. A. (2019). Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy. In ICCST.
Silva, G. M., Neira, A., and Nogueira, M. (2022). Aprendizado profundo para a predição de ataques de negação de serviço distribuído. In SBRC, pages 475–488, Brasil. SBC.
Staudemeyer, R. C. and Morris, E. R. (2019). Understanding LSTM a tutorial into long short-term memory recurrent neural networks. CoRR, abs/1909.09586.
Publicado
26/05/2023
Como Citar
BRITO, Davi; NEIRA, Anderson B. de; BORGES, Ligia F.; ARAÚJO, Alex M. de; NOGUEIRA, Michele.
Um Sistema Autônomo para a Predição de Ataques de DDoS em Redes Locais e Internet. In: WORKSHOP DE GERÊNCIA E OPERAÇÃO DE REDES E SERVIÇOS (WGRS), 28. , 2023, Brasília/DF.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2023
.
p. 29-42.
ISSN 2595-2722.
DOI: https://doi.org/10.5753/wgrs.2023.718.
