Detection of Sources Being Used in DDoS Attacks

Yalda Khosroshahi; Enver Ozdemir

doi:10.1109/CSCloud/EdgeCom.2019.000-1

Detection of Sources Being Used in DDoS Attacks

Yalda Khosroshahi
, Enver Ozdemir

Bilişim Enstitüsü

Istanbul Technical University

Araştırma sonucu: Kitap/Rapor/Konferans Bildirisinde Bölüm › Konferans katkısı › bilirkişi

7 Atıf (Scopus)

Özet

Distributed Denial of Service (DDoS) detection is one of the challenging topics in cyber defense realm. Detection of this type of attack in the early stages can be beneficial. In this paper, we propose an entropy-based detection framework using Support Vector Machine (SVM) classification algorithm to detect sources being used in DDoS attacks. This method can prevent Denial of Service (DoS) attack from proceeding in source devices which are involved in a DDoS botnet attack. By intercepting outgoing packets from an Android device, proposed framework extract packet features in a specific time window. Normal and abnormal network behavior of a user will be logged and analyzed using SVM algorithm. The obtained model will be used as a detection system for malicious activities.

Orijinal dil	İngilizce
Ana bilgisayar yayını başlığı	Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019
Editörler	Meikang Qiu
Yayınlayan	Institute of Electrical and Electronics Engineers Inc.
Sayfalar	163-168
Sayfa sayısı	6
ISBN (Elektronik)	9781728116600
DOI'lar	https://doi.org/10.1109/CSCloud/EdgeCom.2019.000-1
Yayın durumu	Yayınlandı - Haz 2019
Etkinlik	6th IEEE International Conference on Cyber Security and Cloud Computing and 5th IEEE International Conference on Edge Computing and Scalable Cloud, CSCloud/EdgeCom 2019 - Paris, France Süre: 21 Haz 2019 → 23 Haz 2019

Yayın serisi

Adı	Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019

???event.eventtypes.event.conference???

???event.eventtypes.event.conference???	6th IEEE International Conference on Cyber Security and Cloud Computing and 5th IEEE International Conference on Edge Computing and Scalable Cloud, CSCloud/EdgeCom 2019
Ülke/Bölge	France
Şehir	Paris
Periyot	21/06/19 → 23/06/19

Bibliyografik not

Publisher Copyright:
© 2019 IEEE.

Belgeye Erişim

10.1109/CSCloud/EdgeCom.2019.000-1

Diğer Dosyalar ve Linkler

Link to publication in Scopus

Alıntı Yap

Khosroshahi, Y., & Ozdemir, E. (2019). Detection of Sources Being Used in DDoS Attacks. In M. Qiu (Ed.), Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019 (pp. 163-168). Makale 8854024 (Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CSCloud/EdgeCom.2019.000-1

Khosroshahi, Yalda ; Ozdemir, Enver. / Detection of Sources Being Used in DDoS Attacks. Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019. editör / Meikang Qiu. Institute of Electrical and Electronics Engineers Inc., 2019. pp. 163-168 (Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019).

@inproceedings{0a25b26114c4428788040970f913b64d,

title = "Detection of Sources Being Used in DDoS Attacks",

abstract = "Distributed Denial of Service (DDoS) detection is one of the challenging topics in cyber defense realm. Detection of this type of attack in the early stages can be beneficial. In this paper, we propose an entropy-based detection framework using Support Vector Machine (SVM) classification algorithm to detect sources being used in DDoS attacks. This method can prevent Denial of Service (DoS) attack from proceeding in source devices which are involved in a DDoS botnet attack. By intercepting outgoing packets from an Android device, proposed framework extract packet features in a specific time window. Normal and abnormal network behavior of a user will be logged and analyzed using SVM algorithm. The obtained model will be used as a detection system for malicious activities.",

keywords = "DDoS Detection, Entropy, Machine Learning, SVM, TCP Flood",

author = "Yalda Khosroshahi and Enver Ozdemir",

note = "Publisher Copyright: {\textcopyright} 2019 IEEE.; 6th IEEE International Conference on Cyber Security and Cloud Computing and 5th IEEE International Conference on Edge Computing and Scalable Cloud, CSCloud/EdgeCom 2019 ; Conference date: 21-06-2019 Through 23-06-2019",

year = "2019",

month = jun,

doi = "10.1109/CSCloud/EdgeCom.2019.000-1",

language = "English",

series = "Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "163--168",

editor = "Meikang Qiu",

booktitle = "Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019",

address = "United States",

}

Khosroshahi, Y & Ozdemir, E 2019, Detection of Sources Being Used in DDoS Attacks. in M Qiu (ed.), Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019., 8854024, Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019, Institute of Electrical and Electronics Engineers Inc., pp. 163-168, 6th IEEE International Conference on Cyber Security and Cloud Computing and 5th IEEE International Conference on Edge Computing and Scalable Cloud, CSCloud/EdgeCom 2019, Paris, France, 21/06/19. https://doi.org/10.1109/CSCloud/EdgeCom.2019.000-1

Detection of Sources Being Used in DDoS Attacks. / Khosroshahi, Yalda; Ozdemir, Enver.
Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019. ed. / Meikang Qiu. Institute of Electrical and Electronics Engineers Inc., 2019. p. 163-168 8854024 (Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019).

Araştırma sonucu: Kitap/Rapor/Konferans Bildirisinde Bölüm › Konferans katkısı › bilirkişi

TY - GEN

T1 - Detection of Sources Being Used in DDoS Attacks

AU - Khosroshahi, Yalda

AU - Ozdemir, Enver

PY - 2019/6

Y1 - 2019/6

N2 - Distributed Denial of Service (DDoS) detection is one of the challenging topics in cyber defense realm. Detection of this type of attack in the early stages can be beneficial. In this paper, we propose an entropy-based detection framework using Support Vector Machine (SVM) classification algorithm to detect sources being used in DDoS attacks. This method can prevent Denial of Service (DoS) attack from proceeding in source devices which are involved in a DDoS botnet attack. By intercepting outgoing packets from an Android device, proposed framework extract packet features in a specific time window. Normal and abnormal network behavior of a user will be logged and analyzed using SVM algorithm. The obtained model will be used as a detection system for malicious activities.

AB - Distributed Denial of Service (DDoS) detection is one of the challenging topics in cyber defense realm. Detection of this type of attack in the early stages can be beneficial. In this paper, we propose an entropy-based detection framework using Support Vector Machine (SVM) classification algorithm to detect sources being used in DDoS attacks. This method can prevent Denial of Service (DoS) attack from proceeding in source devices which are involved in a DDoS botnet attack. By intercepting outgoing packets from an Android device, proposed framework extract packet features in a specific time window. Normal and abnormal network behavior of a user will be logged and analyzed using SVM algorithm. The obtained model will be used as a detection system for malicious activities.

KW - DDoS Detection

KW - Entropy

KW - Machine Learning

KW - SVM

KW - TCP Flood

UR - https://www.scopus.com/pages/publications/85074156001

U2 - 10.1109/CSCloud/EdgeCom.2019.000-1

DO - 10.1109/CSCloud/EdgeCom.2019.000-1

M3 - Conference contribution

AN - SCOPUS:85074156001

T3 - Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019

SP - 163

EP - 168

BT - Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019

A2 - Qiu, Meikang

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 6th IEEE International Conference on Cyber Security and Cloud Computing and 5th IEEE International Conference on Edge Computing and Scalable Cloud, CSCloud/EdgeCom 2019

Y2 - 21 June 2019 through 23 June 2019

ER -

Khosroshahi Y, Ozdemir E. Detection of Sources Being Used in DDoS Attacks. In Qiu M, editör, Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019. Institute of Electrical and Electronics Engineers Inc. 2019. p. 163-168. 8854024. (Proceedings - 6th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2019 and 5th IEEE International Conference on Edge Computing and Scalable Cloud, EdgeCom 2019). doi: 10.1109/CSCloud/EdgeCom.2019.000-1

Detection of Sources Being Used in DDoS Attacks

Özet

Yayın serisi

???event.eventtypes.event.conference???

Bibliyografik not

Belgeye Erişim

Diğer Dosyalar ve Linkler

Parmak izi

Alıntı Yap