TY - JOUR
T1 - Detection of DDoS attacks in D2D communications using machine learning approach
AU - Rani, S. V.Jansi
AU - Ioannou, Iacovos
AU - Nagaradjane, Prabagarane
AU - Christophorou, Christophoros
AU - Vassiliou, Vasos
AU - Charan, Sai
AU - Prakash, Sai
AU - Parekh, Niel
AU - Pitsillides, Andreas
N1 - Publisher Copyright:
© 2022 Elsevier B.V.
PY - 2023/1/15
Y1 - 2023/1/15
N2 - In device-to-device (D2D) communications, distributed Denial-of-Service (DDoS) attacks can be quite detrimental because they can result in network structure destruction. Towards this end, the research objective of this paper is to identify and prevent DDoS and Denial-of-Service (DoS) attacks (i.e., SYN, Slowloris) in a D2D communication environment. Specifically, by replicating a real-world scenario, we emulate Slowloris attacks in a D2D communication network and generate a D2D Network-specific Slowloris dataset. This dataset along with the CICDDoS2019 dataset was then used to train our proposed machine learning (ML) model that aids in the detection and prevention of DDoS attacks (Slowloris and SYN) in the considered D2D framework. The whole process of how to construct an emulation network for D2D communication and test it against a variety of attacks and implementations is also demonstrated in the paper. To quantify the detection accuracy in the context of DDoS and DoS attacks, we use various ML algorithms such as Random Forest, LightGBM, XGBoost, and AdaBoost and study their performance with the aid of extensive emulation. The results collected revealed that both Slowloris and CICDDoS2019 datasets achieve greater accuracy with Random Forest. Consequently, the results compel us to develop a technique for combining the identification of DDoS and DoS attacks in binary classification Random Forests with the binary decision. The proposed technique has been evaluated and compared with other related approaches in the open literature, demonstrating significant performance in terms of identification and prevention time, processing and memory resources required, and device battery consumption, without affecting the accuracy of the attack identification. Hence, we advocate that our proposed technique can be extremely beneficial in preventing DDoS and DoS attacks in a D2D communication environment, where its lifetime and capabilities are mainly associated with the resources of the D2D device (i.e., CPU, Memory, and battery life).
AB - In device-to-device (D2D) communications, distributed Denial-of-Service (DDoS) attacks can be quite detrimental because they can result in network structure destruction. Towards this end, the research objective of this paper is to identify and prevent DDoS and Denial-of-Service (DoS) attacks (i.e., SYN, Slowloris) in a D2D communication environment. Specifically, by replicating a real-world scenario, we emulate Slowloris attacks in a D2D communication network and generate a D2D Network-specific Slowloris dataset. This dataset along with the CICDDoS2019 dataset was then used to train our proposed machine learning (ML) model that aids in the detection and prevention of DDoS attacks (Slowloris and SYN) in the considered D2D framework. The whole process of how to construct an emulation network for D2D communication and test it against a variety of attacks and implementations is also demonstrated in the paper. To quantify the detection accuracy in the context of DDoS and DoS attacks, we use various ML algorithms such as Random Forest, LightGBM, XGBoost, and AdaBoost and study their performance with the aid of extensive emulation. The results collected revealed that both Slowloris and CICDDoS2019 datasets achieve greater accuracy with Random Forest. Consequently, the results compel us to develop a technique for combining the identification of DDoS and DoS attacks in binary classification Random Forests with the binary decision. The proposed technique has been evaluated and compared with other related approaches in the open literature, demonstrating significant performance in terms of identification and prevention time, processing and memory resources required, and device battery consumption, without affecting the accuracy of the attack identification. Hence, we advocate that our proposed technique can be extremely beneficial in preventing DDoS and DoS attacks in a D2D communication environment, where its lifetime and capabilities are mainly associated with the resources of the D2D device (i.e., CPU, Memory, and battery life).
KW - D2D
KW - D2D cloud security
KW - D2D security
KW - Distributed denial-of-service
KW - Emulation
KW - Machine learning
KW - SYN attack
KW - Slowloris attack
UR - http://www.scopus.com/inward/record.url?scp=85142715410&partnerID=8YFLogxK
U2 - 10.1016/j.comcom.2022.11.013
DO - 10.1016/j.comcom.2022.11.013
M3 - Article
AN - SCOPUS:85142715410
SN - 0140-3664
VL - 198
SP - 32
EP - 51
JO - Computer Communications
JF - Computer Communications
ER -