Detection of Distributed Denial of Service Attacks for IoT-Based Healthcare Systems

Gaganjot Kaur; Prinima Gupta

doi:10.24423/cames.450

Gaganjot Kaur Manav Rachna University
Prinima Gupta Manav Rachna University

DOI: http://dx.doi.org/10.24423/cames.450

Abstract

One of the major common assaults in the current Internet of things (IoT) network-based healthcare infrastructures is distributed denial of service (DDoS). The most challenging task in the current environment is to manage the creation of vast multimedia data from the IoT devices, which is difficult to be handled solely through the cloud. As the software defined networking (SDN) is still in its early stages, sampling-oriented measurement techniques used today in the IoT network produce low accuracy, increased memory usage, low attack detection, higher processing and network overheads. The aim of this research is to improve attack detection accuracy by using the DPTCM-KNN approach. The DPTCMKNN technique outperforms support vector machine (SVM), yet it still has to be improved. For healthcare systems, this work develops a unique approach for detecting DDoS assaults on SDN using DPTCM-KNN.

Keywords

software-defined networking, k-nearest neighbors, distributed denial of service, DPTCM-KNN approach, SVM,

References

1. J.A. Pérez-Díaz, I.A. Valdovinos, K.-K.R. Choo, D. Zhu, A flexible SDN-based architecture for identifying and mitigating low-rate DDoS attacks using machine learning, IEEE Access, 8: 155859–155872, 2020, doi: 10.1109/ACCESS.2020.3019330.
2. J. Zheng, Q. Li, G. Gu, J. Cao, D.K.Y. Yau, J. Wu, Realtime DDoS defense using COTS SDN switches via adaptive correlation analysis, IEEE Transactions on Information Forensics and Security, 13(7): 1838–1853, 2018, doi: 10.1109/TIFS.2018.2805600.
3. L. Tan, Y. Pan, J. Wu, J. Zhou, H. Jiang, Y. Deng, A new framework for DDoS attack detection and defense in SDN environment, IEEE Access, 8: 161908–161919, 2020, doi: 10.1109/ACCESS.2020.3021435.
4. R.M.A. Ujjan, Z. Pervez, K. Dahal, A.K. Bashir, R. Mumtaz, J. González, Towards sFlow and adaptive polling sampling for deep learning based DDoS detection in SDN, Future Generation Computer Systems, 111: 763–779, 2020, doi: 10.1016/j.future.2019.10.015.
5. N.Z. Bawany, J.A. Shamsi, SEAL: SDN based secure and agile framework for protecting smart city applications from DDoS attacks, Journal of Network and Computer Applications, 145: 102381, 2019, doi: 10.1016/j.jnca.2019.06.001.
6. P. Harikrishna, A. Amuthan, SDN-based DDoS attack mitigation scheme using convolution recursively enhanced self organizing maps, S¯adhan¯a, 45: Article No. 104, 2020, doi: 10.1007/s12046-020-01353-x.
7. K. Bhushan, B.B. Gupta, Distributed denial of service (DDoS) attack mitigation in software defined network (SDN)-based cloud computing environment, Journal of Ambient Intelligence and Humanized Computing, 10: 1985–1997, 2019, doi: 10.1007/s12652-018-0800-9.
8. K. Kalkan, L. Altay, G. Gür, F. Alagöz, JESS: Joint entropy-based DDoS defense scheme in SDN, IEEE Journal on Selected Areas in Communications, 36(10): 2358–2372, 2018, doi: 10.1109/JSAC.2018.2869997.
9. N. Agrawal, S. Tapaswi, Defense mechanisms against DDoS attacks in a cloud computing environment: State-of-the-art and research challenges, IEEE Communications Surveys & Tutorials, 21(4): 3769–3795, 2019, doi: 10.1109/COMST.2019.2934468.
10. Y. Xiang, K. Li, W. Zhou, Low-rate DDoS attacks detection and traceback by using new information metrics, IEEE Transactions on Information Forensics and Security, 6(2): 426–437, 2011, doi: 10.1109/TIFS.2011.2107320.
11. C. Zhang, Z. Cai, W. Chen, X. Luo, J. Yin, Flow level detection and filtering of low-rate DDoS, Computer Networks, 56(15): 3417–3431, 2012, doi: 10.1016/j.comnet.2012.07.003.
12. W. Zhijun, X. Qing, W. Jingjie, Y. Meng, L. Liang, Low-rate DDoS attack detection based on factorization machine in software defined network, IEEE Access, 8: 17404–17418, 2020, doi: 10.1109/ACCESS.2020.2967478.
13. A. Kishor, C. Chakraborty, W. Jeberson, Reinforcement learning for medical information processing over heterogeneous networks, Multimedia Tools and Applications, 80(16): 23983–24004, 2021, doi: 10.1007/s11042-021-10840-0.
14. J. Ye, X. Cheng, J. Zhu, L. Feng, L. Song, A DDoS attack detection method based on SVM in software defined network, Security and Communication Networks, 2018: Article ID 9804061, 8 pages, 2018, doi: 10.1155/2018/9804061.
15. N. Hoque, D.K. Bhattacharyya, J.K. Kalita, Botnet in DDoS attacks: Trends and challenges, IEEE Communications Surveys Tutorials, 17(4): 2242–2270, 2015, doi: 10.1109/COMST.2015.2457491.
16. R.M.A. Saad, M. Anbar, S. Manickam, E. Alomari, An intelligent ICMPv6 DDsS floodingattack detection framework (v6IIDS) using back-propagation neural network, IETE Technical Review, 33(3): 244–255, 2016, doi: 10.1080/02564602.2015.1098576.
17. A. Saied, R.E. Overill, T. Radzik, Detection of known and unknown DDoS attacks using artificial neural networks, Neurocomputing, 172: 385–393, 2016, doi: 10.1016/j.neucom.2015.04.101.
18. T.A. Pascoal, Y.G. Dantas, I.E. Fonseca, V. Nigam, Slow TCAM exhaustion DDoS attack, [in:] S. De Capitani di Vimercati, F. Martinelli [Eds.], ICT Systems Security and Privacy Protection, SEC 2017. IFIP Advances in Information and Communication Technology, Vol. 502, pp. 17–31, Springer International Publishing, Cham, 2017.
19. K. Hong, Y. Kim, H. Choi, J. Park, SDN-assisted slow http DDoS attack defense method, IEEE Communications Letters, 22(4): 688–691, 2017, doi: 10.1109/LCOMM.2017.2766636.
20. R. Bharti, A. Khamparia, M. Shabaz, G. Dhiman, S. Pande, P. Singh, Prediction of heart disease using a combination of machine learning and deep learning, Computational Intelligence and Neuroscience, 2021: pp. 1–11, A.A. Abd El-Latif [Ed.], 2021, doi: 10.1155/2021/8387680.
21. O.A. Osanaiye, K.-K.R. Choo, M. Dlodlo, Distributed denial of service (DDoS) resilience in cloud: Review and conceptual cloud DDoS mitigation framework, Journal of Network and Computer Applications, 67: 147–165, 2016, doi: 10.1016/j.jnca.2016.01.001.
22. P. Ratta, A. Kaur, S. Sharma, M. Shabaz, G. Dhiman, Application of blockchain and Internet of things in healthcare and medical sector: Applications, challenges, and future perspectives, Journal of Food Quality, 2021: pp. 1–20, 2021, doi: 10.1155/2021/7608296.
23. S. Lim, S. Yang, Y. Kim, S. Yang, H. Kim, Controller scheduling for continued SDN operation under DDoS attacks, Electronics Letters, 51(16): 1259–1261, 2015, doi: 10.1049/el.2015.0334.
24. T. Thakur et al., Gene expression-assisted cancer prediction techniques, D. Zaitsev [Ed.], Journal of Healthcare Engineering, 2021, Article ID 4242646, 9 pages, 2021, doi: 10.1155/2021/4242646.
25. S. Yu, W. Zhou, R. Doss, W. Jia, Traceback of DDoS attacks using entropy variations, IEEE Transactions on Parallel and Distributed Systems, 22(3): 412–425, 2011, doi: 10.1109/TPDS.2010.97.
26. A. Kishor, C. Chakraborty, W. Jeberson, Intelligent healthcare data segregation using fog computing with internet of things and machine learning, International Journal of Engineering Systems Modelling and Simulation, 12(2–3): 188–194, 2021, doi: 10.1504/IJESMS.2021.115533.
27. K. Kalkan, G. Gür, F. Alagöz, Filtering-based defense mechanisms against DDoS attacks: A survey, IEEE Systems Journal, 11(4): 2761–2773, 2017, doi: 10.1109/JSYST.2016.2602848.
28. J. Mirkovic, P. Reiher, A taxonomy of DDoS attack and DDoS defense mechanisms, SIGCOMM Computer Communication Review, 34(2): 39–53, 2004, doi: 10.1145/997150.997156.
29. B. Wang, Y. Zheng, W. Lou, Y.T. Hou, DDoS attack protection in the era of cloud computing and software-defined networking, Computer Networks, 81: 308–319, 2015, doi: 10.1016/j.comnet.2015.02.026.