A Deep Learning Approach to Detection and Mitigation of Distributed Denial of Service Attacks in High Availability Intelligent Transport Systems

Cited by: 6
Authors
Mahajan, Nitish [1]
Chauhan, Amita [1]
Kumar, Harish [1]
Kaushal, Sakshi [1]
Sangaiah, Arun Kumar [2, 3]
Affiliations
[1] Panjab Univ, UIET, Chandigarh, India
[2] Vellore Inst Technol, Vellore, Tamil Nadu, India
[3] Natl Yunlin Univ Sci & Technol, Touliu, Yunlin, Taiwan
Keywords
URLLC; eMBB; mMTC; ITS; SIP; IoT; DDoS; Deep learning; High-availability; Scalability; FLOODING ATTACKS; DDOS ATTACKS; SIP; PERFORMANCE;
DOI
10.1007/s11036-022-01973-z
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
In the era of the Internet of Things (IoT) powered by 5G technologies, the Automobile Industry is headed towards a revolution. In Intelligent Transport Systems (ITS), vehicles act as connected entities, and exchange data with each other and with the back-end servers on the mobile network. These communications are often session based and require a lightweight protocol for session establishment and continuity. Session Initiation Protocol (SIP) can act as the base for this kind of communication. However, its simplicity also makes the protocol vulnerable to various web attacks such as identity theft and Distributed Denial of Service (DDoS). As 5G technologies will enable high data rates to the users, this will also exponentially increase the threat of high-speed DDoS on the servers originating from different sources. Thus, appropriate solutions need to be developed for securing SIP systems from these threats. Machine Learning (ML) has transpired as a building block in cyber security solutions, and a large number of techniques are available to make quick and robust network defense systems by automating the identification of attack flows in the network. In this paper, a Deep Learning-based model is proposed for the identification and alleviation of DDoS attacks in SIP-based networks. The work presented here uses a system that is scalable and highly available with load balancing and failover addressing capabilities. The datasets used for conducting experiments are created by emulating SIP sessions, generating DDoS attacks, capturing the normal and attack flows, and extracting time window-based features from the packets. A stacked autoencoder model is trained on the curated datasets to detect various types of DDoS attacks. Once an attack is detected, the Mitigation Policy Recommender module recommends various actions for threat mitigation. Performance of the system is assessed in terms of Accuracy, Precision, Recall and F1-Score. The proposed model obtains a significant improvement in performance over the previously existing state-of-the-art techniques in terms of accuracy and detection rate.
Pages: 1423-1443
Number of pages: 21