Abstract
Distributed Denial of Service (DDoS) attacks are growing rapidly and pose a serious risk to network security. DDoS attacks intentionally occupy resources such as computing power and bandwidth to deny service to potential users. Automatic identification of DDoS attacks is therefore very important. Machine learning is a proven technology for identifying such attacks. Over the past decade, many researchers have taken detection of DDoS attacks as their research objective and have succeeded. However, more research is needed on the identification of DDoS attacks because existing techniques remain inefficient in terms of performance, accuracy, identification and collection of data, normalized data sets, feature reduction, and computational cost. We applied a Back Propagation Neural Network (BPNN) with a supervised machine learning technique to recognize DDoS attacks at the Network/Transport layer. We experimented with a dataset of 4 lakh records of synthetic data, using 70% of the dataset for training and measuring performance on the remaining 30%. Our experimental results show that 97.7% of DDoS attacks were successfully identified, that the technique does not decrease performance, and that it can easily be extended to broader DDoS attacks.
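The workflow the abstract describes (synthetic records, a 70/30 split, a back-propagation network, detection metrics on the held-out part), as an added example that is not the authors' code. The three flow features, their value ranges, the network size and the hyperparameters are all assumptions made for illustration, and the numbers it produces are unrelated to the paper's reported result.

```python
import math
import random

def make_flows(n, seed=7):
    """Constructed flows: [syn_ratio, ack_ratio, scaled_pkt_rate], label 1.0 = flood."""
    rng = random.Random(seed)
    rows = []
    for _ in range(n):
        if rng.random() < 0.5:   # flood-like: SYN-heavy, few ACKs, high rate
            rows.append(([rng.uniform(0.6, 1.0), rng.uniform(0.0, 0.3), rng.uniform(0.5, 1.0)], 1.0))
        else:                    # benign: completed handshakes, modest rate
            rows.append(([rng.uniform(0.0, 0.4), rng.uniform(0.4, 1.0), rng.uniform(0.0, 0.6)], 0.0))
    return rows

def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))

def forward(model, x):
    w1, w2 = model
    xb = x + [1.0]                                   # append bias input
    h = [sigmoid(sum(w * v for w, v in zip(row, xb))) for row in w1]
    out = sigmoid(sum(w * v for w, v in zip(w2, h + [1.0])))
    return xb, h, out

def train_bpnn(train, hidden=4, epochs=100, lr=0.5, seed=1):
    rng = random.Random(seed)
    w1 = [[rng.uniform(-0.5, 0.5) for _ in range(len(train[0][0]) + 1)] for _ in range(hidden)]
    w2 = [rng.uniform(-0.5, 0.5) for _ in range(hidden + 1)]
    for _ in range(epochs):
        for x, y in train:
            xb, h, out = forward((w1, w2), x)
            d_out = (out - y) * out * (1 - out)      # output delta for squared error
            d_hid = [d_out * w2[j] * h[j] * (1 - h[j]) for j in range(hidden)]
            w2 = [w - lr * d_out * v for w, v in zip(w2, h + [1.0])]
            w1 = [[w - lr * d_hid[j] * v for w, v in zip(w1[j], xb)] for j in range(hidden)]
    return w1, w2

def evaluate(n=600, seed=7):
    data = make_flows(n, seed)
    cut = n * 7 // 10                                # 70% train, 30% held out
    model = train_bpnn(data[:cut])
    tp = fp = tn = fn = 0
    for x, y in data[cut:]:
        flagged = forward(model, x)[2] >= 0.5
        if y == 1.0:
            tp, fn = tp + flagged, fn + (not flagged)
        else:
            fp, tn = fp + flagged, tn + (not flagged)
    return {"held_out": n - cut, "accuracy": (tp + tn) / (n - cut),
            "detection_rate": tp / (tp + fn), "false_positive_rate": fp / (fp + tn)}
```

Calling `evaluate()` returns the held-out metrics; the false positive rate matters as much as the detection rate, since a detector that flags benign traffic denies service on its own.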
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Shah, A., Rathod, D., Dave, D. (2021). DDoS Attack Detection Using Artificial Neural Network. In: Chaubey, N., Parikh, S., Amin, K. (eds) Computing Science, Communication and Security. COMS2 2021. Communications in Computer and Information Science, vol 1416. Springer, Cham. https://doi.org/10.1007/978-3-030-76776-1_4
DOI: https://doi.org/10.1007/978-3-030-76776-1_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-76775-4
Online ISBN: 978-3-030-76776-1
eBook Packages: Computer Science, Computer Science (R0)