Abstract
With the rise of the Internet of Things (IoT), threats to information security have extended from general servers to IoT devices. Possible IoT security issues include all kinds of network attacks, and distributed denial-of-service (DDoS) attacks are notoriously difficult to prevent. DDoS attacks have evolved continuously from simple network packet attacks to the point where attackers can hide in legitimate paths. At times, large numbers of non-legitimate attack packets can occur, a major problem that enterprises cannot protect themselves against. This paper proposes a DDoS attack prediction system based on data-mining technology and designed for use in the IoT environment. The system is divided into two major modules: (1) the DDoS attack prediction model-construction module and (2) the DDoS attack prediction defence module. In the model-construction module, data-mining classification technology is integrated and the support vector machine (SVM) algorithm is used to extract the classification basis of a possible attack. The attack prediction model is then established, and the prediction result is corrected in real time. The results of the study show that when an attacker attempts to launch an attack, the system predicts the timing of the DDoS attack, and existing IP backtracking technology can then be used to track the source of the attack and block it in advance, achieving the purpose of defence.
Acknowledgements
This work was also supported by the Scientific Research Fund of Dongguan Polytechnic (No. 2020a03). This work was also supported by various scientific research projects carried out in colleges and universities of the Education Department of Guangdong Province (No. 2020KTSCX320).
Cite this article
Huang, L. Design of an IoT DDoS attack prediction system based on data mining technology. J Supercomput 78, 4601–4623 (2022). https://doi.org/10.1007/s11227-021-04055-1
DOI: https://doi.org/10.1007/s11227-021-04055-1