An Approach for Detecting DDoS Attacks in the Cloud Computing Environment Using Entropy and Particle Swarm Optimization
Subject areas: Electronic Engineering
Authors: مهدی آسایش جو 1, مهدی صادق زاده 2, مازیار گنجو 3
1 - Computer Department, Islamic Azad University, Bushehr, Iran
2 - Department of Computer Engineering, Faculty of Engineering, Mahshahr Branch, Islamic Azad University, Mahshahr, Iran
3 - Computer Department, Azad University, Bushehr, Iran
Keywords: DDoS attack, cloud computing, particle swarm optimization, attack detection, entropy
Abstract:
Cloud computing is an emerging and growing technology that is widely used to provide computing, data storage services and other remote resources over the Internet. The availability of cloud services is one of the most important concerns of cloud service providers. While cloud services are mainly delivered over the Internet, they are prone to various attacks that may lead to the leakage of sensitive information. The DDoS attack is known as one of the most important security threats to the cloud computing environment. This attack is an explicit attempt by an attacker to block or deny access to shared services or resources in a cloud environment. This paper discusses a hybrid approach to countering DDoS attacks in the cloud computing environment. The method highlights the importance of effective feature selection methods and classification models. An approach based on entropy and particle swarm optimization is presented to counter these attacks in a cloud computing environment. Classification of high-dimensional data typically requires feature selection as a pre-processing step to reduce dimensionality. However, selecting effective features is a challenging task, for which this paper uses particle swarm optimization. The proposed classification model is developed using a balanced binary search tree and a dictionary data structure. The simulation is based on the NSL-KDD and CICDDoS2019 datasets, and the results demonstrate the superiority of the proposed method, with an average detection accuracy of 99.84%, over the AGA and E-SVM algorithms.