Abstract
Insecure networks are vulnerable to cyber-attacks, which may result in catastrophic damage on both the local and the global scale. One of the tedious tasks in detecting any type of network attack, including DoS attacks, is determining the thresholds required to decide whether an attack is occurring. In this paper, a hybrid system that incorporates different heuristic techniques along with a Finite State Machine is proposed to detect and classify DoS attacks. In the proposed system, a Genetic Programming technique combined with a Genetic Algorithm is designed and implemented as the system core, which evolves an optimized tree-based detection model. A Hill-Climbing technique is also employed to enhance the system by providing a reference point value for evaluating the optimized model and gaining better performance. Several experiments with different configurations are conducted to test the system performance using a synthetic dataset that mimics real-world network traffic with different features and scenarios. The developed system is compared to many state-of-the-art techniques with respect to several performance metrics. Additionally, a Mann-Whitney Wilcoxon test is conducted to validate the accuracy of the proposed system. The results show that the developed system achieves higher overall performance and that the improvement is statistically significant.
Highlights
In 1969, ARPANet, the main predecessor of the Internet that appeared in 1983, established the first link between two computers [1].
An Nvidia 1080 GTX GPU, together with the AleaGPU [25] software, was used to handle all the computation of the fitness function evaluation, exploiting parallel computing with CUDA.
In this research, a hybrid system consisting of Genetic Algorithms (GA), Genetic Programming (GP) and a Finite State Machine (FSM) was developed for the detection of high-volume Denial of Service (DoS) attacks along with anomalous DoS events.
Summary
In 1969, ARPANet, the main predecessor of the Internet that appeared in 1983, established the first link between two computers [1]. Software Defined Networks (SDN) make use of computer networks to accomplish their goals [3], [4]. Such vital services have to be available for the end-users, allowing them to acquire and exchange information in an agile, easy and pervasive way on a daily basis. Hill-Climbing is a variant of the generate-and-test heuristic algorithm: it follows a trial-and-error approach, starting with an arbitrary solution and iterating by making incremental changes [13]. Many expert systems used for DoS detection rely on a predetermined threshold of certain parameters to determine whether an attack is occurring inside the network. These approaches can yield a higher false-positive rate as well as a low detection accuracy. A system combining different heuristic techniques along with a Finite State Machine is proposed to detect the occurrences of high-volume DoS attacks.
More From: International Journal of Advanced Computer Science and Applications