Abstract
Security assurance in Vehicular Ad hoc Network (VANET) is a crucial and challenging task due to the open-access medium. One great threat to VANETs is Distributed Denial-of-Service (DDoS) attack because the target of this attack is to prevent authorized nodes from accessing the services. To provide high availability of VANETs, a scalable, reliable and robust network intrusion detection system should be developed to efficiently mitigate DDoS. However, big data from VANETs poses serious challenges to DDoS attack detection since the detection system require scalable methods to capture, store and process the big data. To overcome these challenges, this paper proposes a distributed DDoS network intrusion detection system based on big data technology. The proposed detection system consists of two main components: real-time network traffic collection module and network traffic detection module. To build our proposed system, we use Spark to speed up data processing and use HDFS to store massive suspicious attacks. In the network collection module, micro-batch data processing model is used to improve the real-time performance of traffic feature collection. In the traffic detection module, the classification algorithm based on Random Forest (RF) is adopted. In order to evaluate the accuracy of detection, the algorithm was evaluated and compared in the datasets, containing NSL-KDD and UNSW-NB15. The experimental results show that the proposed detection algorithm reached the accuracy rate of 99.95% and 98.75%, and the false alarm rate (FAR) of 0.05% and 1.08%, respectively, in two datasets.
Highlights
Vehicular Ad hoc NETwork (VANET) is regarded as a unique form of Mobile Ad hoc NETwork (MANET), since the communication nodes are mainly vehicles, and it is a key part of the Intelligent Transportation Systems (ITS) [1]–[3]
3) EVALUATION METRICS In this paper, four standard classification performance measurements are adopted to comprehensively estimate our proposed Network intrusion detection system (NIDS). These classification measures are all based on four elements: True positives (TP), Ture negatives(TN), False positives(FP), False negatives(FN)
Combining the performance of different classification algorithms on the two datasets, we can find that with respect to the proposed NIDS, the Random Forest (RF) algorithm can achieve good results in distributed denial-of-service (DDoS) attack detection, accompanying with the low false alarm rate (FAR). 2) DISCUSSION ABOUT EFFICIENCY OF DIFFERENT PARAMETERS IN RF In this part, we mainly investigate the effect of the sampling rate, the maximum depth of trees and the number of trees of RF
Summary
Vehicular Ad hoc NETwork (VANET) is regarded as a unique form of Mobile Ad hoc NETwork (MANET), since the communication nodes are mainly vehicles, and it is a key part of the Intelligent Transportation Systems (ITS) [1]–[3]. In order to overcome the limitations of these two methods, hybrid solutions based on both Signature-based and Anomaly-based techniques have been proposed in the literature [12] It is still a challenging task for NIDS to detect increasingly complex network attacks. The advantage of using ANN algorithms for unsupervised learning is that they can be relatively effective in detecting DDoS attack packets This kind of methods will not be scaled when the data is large and the network structure is complex. There are many problems with existing researches, including the performance limitation of the detection system, the scalability and stability of the system, and the ability to process large amounts of data Aiming to overcome these challenges, we propose a distributed NIDS for DDoS attack Detection based on big data framework in this paper.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
