Skip to main content
SpringerLink
Log in

Design of an IoT DDoS attack prediction system based on data mining technology

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Due to the rise of the Internet of things (IoT), the threat to information security extends from general servers to IoT devices. Possible IoT security issues include all kinds of network attacks. Distributed denial-of-service (DDoS) attacks are notoriously difficult to prevent. With the continuous evolution of DDoS attacks, from simple network packet attacks, it has become possible for hackers to hide in legitimate paths. At times, large numbers of non-legitimate attack packets can occur, which can be a major problem that enterprises cannot protect themselves against. This paper proposes a data-mining technology-based DDoS attack prediction system, designed for use in the IoT environment. The system can be divided into two major modules: 1. the DDoS attack prediction model-construction module and 2. the DDoS attack prediction defence module. In the DDoS attack prediction model-construction module, through the integration of data-mining classification technology, the SVM algorithm is used to dig out the classification basis of a possible attack. The attack prediction model is then established, and the prediction result is corrected in real time. The results of the study conducted showed that when an attacker attempts to launch an attack, the system design will predict the timing of the DDoS attack, and existing IP backtracking technology can be used to track the source of the attack, block the source of the attack in advance and achieve the purpose of defence.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10

source query

Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

References

  1. Mladenov B (2019) Studying the DDoS attack effect over SDN controller southbound channel. 2019 X National Conference with International Participation. https://doi.org/10.1109/ELECTRONICA.2019.8825601

  2. Yeom S, Kim K (2020) Improving performance of collaborative source-side DDoS attack detection. 2020 21st Asia-Pacific Network Operations and Management Symposium. https://doi.org/10.23919/APNOMS50412.2020.9237014

  3. Nikolskaia K, Minbaleev A (2020) Legal regulation of incidents related to DDoS attacks. 2020 International Conference Quality Management, Transport and Information Security, Information Technologies. https://doi.org/10.1109/ITQMIS51053.2020.9322874

  4. Jia B, Liang Y (2020) Anti-D chain: A lightweight DDoS attack detection scheme based on heterogeneous ensemble learning in blockchain. China Communications, 17(9)

  5. Andika B, Alaziz A, Sukarno P, Wardana A (2020) Blacklisted IP distribution system to handle DDoS attacks on IPS Snort based on blockchain. https://doi.org/10.1109/ITIS50118.2020.9320996

  6. Dong S, Sarem M (2020) DDoS attack detection method based on improved KNN with the degree of DDoS Attack in software-defined networks. IEEE Access, 8(5)

  7. Kansal Y, Mayank D (2017) Proactive DDoS attack detection and isolation. 2017 International Conference on Computer, Communications and Electronics. Papers 4

  8. Cheskidov P, Nikolskaia K, Minbaleev A (2019) Choosing the reinforcement learning method for modeling DDos attacks. 2019 International Multi-Conference on Industrial Engineering and Modern Technologies, Papers (3)

  9. Somani G, Gaur M, Sanghi D, Conti M, Rajarajan M (2018) Scale inside-out: rapid mitigation of cloud DDoS attacks. IEEE Transactions on Dependable and Secure Computing, 15(6):2

  10. He J, Tan Y, Guo W, Xian M (2020) A small sample DDoS attack detection method based on deep transfer learning. 2020 International Conference on Computer Communication and Network Security

  11. Nijim M, Khan M (2017) FastDetict: A data mining engine for predecting and preventing DDoS attacks. In: 2017 IEEE International Symposium on Technologies for Homeland Security. IEEE, p 1–5 https://doi.org/10.1109/THS.2017.7943451

  12. Meti N, Narayan D, Baligar V (2016) Detection of distributed denial of service attacks in software defined networks. In: 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI). IEEE, p 2576–2581. https://doi.org/10.1109/ICACCI.2017.8126031

  13. Hassan U, Nawi N, Kasim S (2014) Classify a protein domain using sigmoid support vector machine. In Information Science and Applications (ICISA), 2014 International Conference on (pp. 1–4). IEEE

  14. Hurst W, Shone N, Monnet Q (2015) Predicting the effects of DDoS attacks on a network of critical infrastructures. In Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing, 2015 IEEE International Conference on (pp. 1697–1702)

  15. Zhang Z, Parhi K (2015) Seizure prediction using polynomial SVM classification. In Engineering in Medicine and Biology Society (EMBC), 2015 37th Annual International Conference of the IEEE, pp. 5748–5751.

  16. Chen X, Li M, Zhong H, Ma Y, Hsu C (2021) DNNOff: Offloading DNN-based Intelligent IoT applications in mobile edge computing. IEEE Trans Ind Inform. https://doi.org/10.1109/TII.2021.3075464

    Article  Google Scholar 

  17. Chen X, Chen S, Ma Y, Liu B, Zhang Y, Huang G (2019) An adaptive offloading framework for android applications in mobile edge computing. Sci China Inf Sci 62(8):82102

    Article  Google Scholar 

  18. Huang G, Xu M, Lin X, Liu Y, Ma Y, Pushp S, Liu X (2017) ShuffleDog: Characterizing and adapting user-perceived latency of android apps. IEEE Trans Mobile Comput 16(10):2913–2926

    Article  Google Scholar 

  19. Zhang Y, Huang G, Liu X, Zhang W, Mei H, Yang S (2012) Refactoring android Java code for on-demand computation offloading. ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications

  20. Jiao J, Ye B, Yue Zhao Y, Stones R, Wang G, Liu X, Shaoyan Wang S, Xie G (2017) Detecting TCP-based DDoS attacks in baidu cloud computing data centers. 2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)

  21. Lin B, Huang Y, Zhang J, Hu J, Chen X, Li J (2020) Cost-driven offloading for DNN-based applications over cloud, edge and end devices. IEEE Trans Ind Inform 16(8):5456–5466

    Article  Google Scholar 

  22. Chen X, Wang H, Ma Y, Zheng X, Guo L (2020) Self-adaptive resource allocation for cloud-based software services based on iterative QoS prediction model. Futur Gener Comput Syst 105:287–296

    Article  Google Scholar 

  23. Chen X, Zhu F, Chen Z, Min G, Zheng X, Rong C (2021) Resource allocation for cloud-based software services using prediction-enabled feedback control with reinforcement learning. IEEE Trans Cloud Comput. https://doi.org/10.1109/TCC.2020.2992537

    Article  Google Scholar 

  24. Chen X, Lin J, Ma Y, Lin B, Wang H, Huang G (2019) Self-adaptive resource allocation for cloud-based software services based on progressive QoS prediction model. Sci China Inf Sci 62(11):219101

    Article  Google Scholar 

  25. Huang G, Ma Y, Liu X, Luo Y, Lu X, Blake M (2015) Model-based automated navigation and composition of complex service mashups. IEEE Trans Serv Comput 8(3):494–506

    Article  Google Scholar 

  26. Mladenov B (2019) Studying the DDoS attack effect over SDN controller southbound channel, 2019 X National Conference with International Participation

  27. Saleh M, Manaf A (2014) Optimal specifications for a protective framework against HTTP-based DoS and DDoS attacks. 2014 International Symposium on Biometrics and Security Technologies (ISBAST)

  28. Huang G, Chen X, Zhang Y, Zhang X (2012) Towards Architecture-based management of platforms in the cloud. Front Comp Sci 6(4):388–397

    Article  MathSciNet  Google Scholar 

  29. Chen X, Li A, Zeng X, Guo W, Huang G (2015) Runtime model based approach to IoT application development. Front Comput Sci 9(4):540–553

    Article  Google Scholar 

  30. Liu X, Huang G, Zhao Q, Mei H, Blake M (2014) iMashup: a mashup-based framework for service composition. Sci China Inf Sci 54(1):1–20

    Article  Google Scholar 

  31. Song H, Huang G, Chauvel F, Xiong Y, Hu Z, Sun Y, Mei H (2011) Supporting runtime software architecture: A bidirectional-transformation-based approach. J Syst Softw 84(5):711–723

    Article  Google Scholar 

  32. Huang G, Liu X, Ma Y, Lu X, Zhang Y, Xiong Y (2019) Programming situational mobile web applications with cloud-mobile convergence: an internetware-oriented approach. IEEE Trans Serv Comput 12(1):6–19

    Article  Google Scholar 

  33. Huang G, Luo C, Wu K, Ma Y, Zhang Y, Liu X (2019) Software-defined infrastructure for decentralized data lifecycle governance: principled design and open challenges. IEEE International Conference on Distributed Computing Systems

  34. Shi Dong S, Sarem M (2020) DDoS attack detection method based on improved KNN with the degree of DDoS attack in software-defined networks. IEEE Access

  35. Jia B, Liang Y (2020) Anti-D chain: A lightweight DDoS attack detection scheme based on heterogeneous ensemble learning in blockchain. China Communications

  36. Huang G, Mei H, Yang F (2006) Runtime recovery and manipulation of software architecture of component-based systems. Autom Soft Eng 13(2):257–281

    Article  Google Scholar 

  37. Huang G, Liu T, Mei H, Zheng Z, Liu Z, Fan G (2004) Towards autonomic computing middleware via reflection. International Computer Software and Applications Conference

  38. Sun W, Li Y, Guan S (2019) An improved method of DDoS attack detection for controller of SDN. 2019 IEEE 2nd International Conference on Computer and Communication Engineering Technology (CCET)

Download references

Acknowledgements

This work was also supported by the Scientific Research Fund of Dongguan Polytechnic (No. 2020a03). This work was also supported by various scientific research projects carried out in colleges and universities of the Education Department of Guangdong Province (No. 2020KTSCX320)

Author information

Authors and Affiliations

  1. Department of Computer Engineering, Dongguan Polytechnic, Dongguan, 52380, China

    Lingfeng Huang

Authors
  1. Lingfeng Huang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Lingfeng Huang.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Huang, L. Design of an IoT DDoS attack prediction system based on data mining technology. J Supercomput 78, 4601–4623 (2022). https://doi.org/10.1007/s11227-021-04055-1

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-021-04055-1

Keywords

Search

Navigation