MITIGATING SLOW HYPERTEXT TRANSFER PROTOCOL DISTRIBUTED DENIAL OF SERVICE ATTACKS IN SOFTWARE DEFINED NETWORKS
Distributed Denial of Service (DDoS) attacks has been one of the persistent forms of attacks on information technology infrastructure connected to public networks due to the ease of access to DDoS attack tools. Researchers have been able to develop several techniques to curb volumetric DDoS which ov...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
UUM Press
2021-06-01
|
| Series: | Journal of ICT |
| Subjects: | |
| Online Access: | http://e-journal.uum.edu.my/index.php/jict/article/view/jict2021.20.3.1 |
| id |
doaj-c5ebd89b4e8d45078240050b2971a665 |
|---|---|
| record_format |
Article |
| spelling |
doaj-c5ebd89b4e8d45078240050b2971a6652021-08-02T22:42:47ZengUUM PressJournal of ICT1675-414X2021-06-01203277304https://doi.org/10.32890/jict2021.20.3.1MITIGATING SLOW HYPERTEXT TRANSFER PROTOCOL DISTRIBUTED DENIAL OF SERVICE ATTACKS IN SOFTWARE DEFINED NETWORKSOluwatobi Shadrach Akanji0Opeyemi Aderiike Abisoye1Mohammed Awwal Iliyasu2Department of Computer Science, Federal University of Technology Minna, NigeriaDepartment of Computer Science, Federal University of Technology Minna, NigeriaDepartment of Computer Science, Federal University of Technology Minna, NigeriaDistributed Denial of Service (DDoS) attacks has been one of the persistent forms of attacks on information technology infrastructure connected to public networks due to the ease of access to DDoS attack tools. Researchers have been able to develop several techniques to curb volumetric DDoS which overwhelms the target with a large number of request packets. However, compared to slow DDoS, limited number of research has been executed on mitigating slow DDoS. Attackers have resorted to slow DDoS because it mimics the behaviour of a slow legitimate client thereby causing service unavailability. This paper provides the scholarly community with an approach to boosting service availability in web servers under slow Hypertext Transfer Protocol (HTTP) DDoS attacks through attack detection using Genetic Algorithm and Support Vector Machine which facilitates attack mitigation in a Software-Defined Networking (SDN) environment simulated in GNS3. Genetic algorithm was used to select the Netflow features which indicates the presence of an attack and also determine the appropriate regularization parameter, C, and gamma parameter for the Support Vector Machine classifier. Results obtained showed that the classifier had detection accuracy, Area Under Receiver Operating Curve (AUC), true positive rate, false positive rate and a false negative rate of 99.89%, 99.89%, 99.95%, 0.18%, and 0.05% respectively. Also, the algorithm for subsequent implementation of the selective adaptive bubble burst mitigation mechanism was presented. This study contributes to the ongoing research in detecting and mitigating slow HTTP DDoS attacks with emphasis on the use of machine learning classification and meta-heuristic algorithms. http://e-journal.uum.edu.my/index.php/jict/article/view/jict2021.20.3.1genetic algorithmslow ddos mitigationslow distributed denial of servicesoftware defined networksupport vector machine |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
Oluwatobi Shadrach Akanji Opeyemi Aderiike Abisoye Mohammed Awwal Iliyasu |
| spellingShingle |
Oluwatobi Shadrach Akanji Opeyemi Aderiike Abisoye Mohammed Awwal Iliyasu MITIGATING SLOW HYPERTEXT TRANSFER PROTOCOL DISTRIBUTED DENIAL OF SERVICE ATTACKS IN SOFTWARE DEFINED NETWORKS Journal of ICT genetic algorithm slow ddos mitigation slow distributed denial of service software defined network support vector machine |
| author_facet |
Oluwatobi Shadrach Akanji Opeyemi Aderiike Abisoye Mohammed Awwal Iliyasu |
| author_sort |
Oluwatobi Shadrach Akanji |
| title |
MITIGATING SLOW HYPERTEXT TRANSFER PROTOCOL DISTRIBUTED DENIAL OF SERVICE ATTACKS IN SOFTWARE DEFINED NETWORKS |
| title_short |
MITIGATING SLOW HYPERTEXT TRANSFER PROTOCOL DISTRIBUTED DENIAL OF SERVICE ATTACKS IN SOFTWARE DEFINED NETWORKS |
| title_full |
MITIGATING SLOW HYPERTEXT TRANSFER PROTOCOL DISTRIBUTED DENIAL OF SERVICE ATTACKS IN SOFTWARE DEFINED NETWORKS |
| title_fullStr |
MITIGATING SLOW HYPERTEXT TRANSFER PROTOCOL DISTRIBUTED DENIAL OF SERVICE ATTACKS IN SOFTWARE DEFINED NETWORKS |
| title_full_unstemmed |
MITIGATING SLOW HYPERTEXT TRANSFER PROTOCOL DISTRIBUTED DENIAL OF SERVICE ATTACKS IN SOFTWARE DEFINED NETWORKS |
| title_sort |
mitigating slow hypertext transfer protocol distributed denial of service attacks in software defined networks |
| publisher |
UUM Press |
| series |
Journal of ICT |
| issn |
1675-414X |
| publishDate |
2021-06-01 |
| description |
Distributed Denial of Service (DDoS) attacks has been one of the persistent forms of attacks on information technology infrastructure connected to public networks due to the ease of access to DDoS attack tools. Researchers have been able to develop several techniques to curb volumetric DDoS which overwhelms the target with a large number of request packets. However, compared to slow DDoS, limited number of research has been executed on mitigating slow DDoS. Attackers have resorted to slow DDoS because it mimics the behaviour of a slow legitimate client thereby causing service unavailability. This paper provides the scholarly community with an approach to boosting service availability in web servers under slow Hypertext Transfer Protocol (HTTP) DDoS attacks through attack detection using Genetic Algorithm and Support Vector Machine which facilitates attack mitigation in a Software-Defined Networking (SDN) environment simulated in GNS3. Genetic algorithm was used to select the Netflow features which indicates the presence of an attack and also determine the appropriate regularization parameter, C, and gamma parameter for the Support Vector Machine classifier. Results obtained showed that the classifier had detection accuracy, Area Under Receiver Operating Curve (AUC), true positive rate, false positive rate and a false negative rate of 99.89%, 99.89%, 99.95%, 0.18%, and 0.05% respectively. Also, the algorithm for subsequent implementation of the selective adaptive bubble burst mitigation mechanism was presented. This study contributes to the ongoing research in detecting and mitigating slow HTTP DDoS attacks with emphasis on the use of machine learning classification and meta-heuristic algorithms.
|
| topic |
genetic algorithm slow ddos mitigation slow distributed denial of service software defined network support vector machine |
| url |
http://e-journal.uum.edu.my/index.php/jict/article/view/jict2021.20.3.1 |
| work_keys_str_mv |
AT oluwatobishadrachakanji mitigatingslowhypertexttransferprotocoldistributeddenialofserviceattacksinsoftwaredefinednetworks AT opeyemiaderiikeabisoye mitigatingslowhypertexttransferprotocoldistributeddenialofserviceattacksinsoftwaredefinednetworks AT mohammedawwaliliyasu mitigatingslowhypertexttransferprotocoldistributeddenialofserviceattacksinsoftwaredefinednetworks |
| _version_ |
1721226122847322112 |