Abstract
Distributed Denial-of-Service (DDoS) attack has been a serious threat to the availability feature of cloud computing. As traditional DDoS attacks are implemented using a huge volume of malicious traffic, the detection of such attacks becomes a naive task. To evade this detection, attackers are moving towards the Low-Rate DDoS (LRDDoS) attacks. The stealthy behavior of LRDDoS attack makes it difficult to get detected due to its low volume traffic. The existing frequency-domain approaches for LRDDoS detection are not feasible in terms of computational and storage requirements. This paper aims to propose a lightweight, accurate, and adaptive approach for the detection of LRDDoS attacks in frequency-domain. In this paper, the LRDDoS attack is detected by analyzing the power spectral distribution. The novelty of the proposed approach is to calculate the power spectral density using Fast Hartley Transform (FHT). The FHT processes real-valued input data, and has low computational and storage complexities. The approach is implemented on OpenStack cloud platform, and the aggregate network traffic (external and internal) is captured and analyzed. Experimental results show that the computational and storage complexities involved in FHT are lower than other transformation algorithms’ complexities. Thus, the approach provides faster response with an average detection time of 60.16 s. The average true negative and true positive rates obtained by the proposed approach are 99.83% and 99.46% respectively, which are competitive.
Similar content being viewed by others
References
Khan, M. A. (2016). A survey of security issues for cloud computing. Journal of Network and Computer Applications, 71, 11–29.
Agrawal, N., & Tapaswi, S. (2017). Defense schemes for variants of distributed denial-of-service (DDoS) attacks in cloud computing: A survey. Information Security Journal: A Global Perspective, 26(2), 61–73.
Agrawal, N., & Tapaswi, S. (2019). Defense mechanisms against DDoS attacks in a cloud computing environment: State-of-the-art and research challenges. IEEE Communications Surveys & Tutorials, 21(4), 1–27.
Chen, Y., Hwang, K., & Ku, W. S. (2007). Collaborative detection of DDoS attacks over multiple network domains. IEEE Transactions on Parallel and Distributed Systems, 18(12), 1649–1662.
Yan, Q., Yu, F. R., Gong, Q., & Li, J. (2016). Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues, and challenges. IEEE Communications Surveys & Tutorials, 18(1), 602–622.
Shameli-Sendi, A., Mourzandi, M., Fekih-Ahmed, M., & Cheriet, M. (2015). Taxonomy of distributed denial of service mitigation approaches for cloud computing. Journal of Network and Computer Applications, 58, 165–179.
Xiang, Y., Li, K., & Zhou, W. (2011). Low rate DDoS attack detection and traceback by using new information metrics. IEEE Transaction on Information Forensics and Security, 6(2), 426–437.
Agrawal, N., & Tapaswi, S. (2017). A lightweight approach to detect the low/high rate IP spoofed cloud DDoS attacks. In IEEE 7th international symposium on cloud and service computing (SC2’17), Kanazawa, Japan, 22–25 November 2017 (pp. 118–123).
Luo, J., Yang, X., Wang, J., Xu, J., Sun, J., & Long, K. (2014). On a mathematical model for low-rate shrew DDoS. IEEE Transactions on Information Forensics and Security, 9(7), 1069–1083.
Guirguis, M. (2007). Reduction-of-quality attacks on adaptation mechanisms. Boston: Boston University.
Fernandez, G. M., Diaz-Verdejo, J. E., & Garcia-Teodoro, P. (2009). Mathematical model for low rate DoS attacks against application servers. IEEE Transactions on Information Forensics and Security, 4(3), 519–529.
Baig, Z. A., Sait, S. M., & Binbeshr, F. (2016). Controlled access to cloud resources for mitigating economic denial of sustainability (EDoS) attacks. Computer Networks, 97, 31–47.
Le-Ngoc, T., & Vo, M. T. (1989). Implementation and performance of the fast Hartley transform. IEEE Micro, 9(5), 20–27.
Lonea, A. M., Popescu, D. E., Prostean, O., & Tianfield, H. (2013). Evaluation of experiments on detecting distributed denial of service (DDoS) attacks in eucalyptus private cloud. Advances in Intelligent Systems and Computing, 195, 367–379.
Mishra, P., Varadharajan, V., Pilli, E., & Tupakula, U. (2018). VMGuard: A VMI-based security architecture for intrusion detection in cloud environment. IEEE Transactions on Cloud Computing, 6(3), 1–14.
Dou, W., Chen, Q., & Chen, J. (2013). A confidence-based filtering method for DDoS attack defense in cloud environment. Future Generation Computer System, 29(7), 1838–1850.
Negi, P., Mishra, A., & Gupta, B. B. (2013). Enhanced CBF packet filtering method to detect DDoS attack in cloud computing environment. International Journal of Computer Science Issues, 2(4), 142–146.
Zakarya, M. (2013). DDoS verification and attack packet dropping algorithm in cloud computing. Journal of World Applied Sciences, 23(11), 1418–1424.
Osanaiye, O., Cai, H., Choo, K. K. R., Dehghantanha, A., Xu, Z., & Dlodlo, M. (2016). Ensemble-based multi-filter feature selection method for DDoS detection in cloud computing. EURASIP Journal on Wireless Communications and Networking, 1, 130–139.
Prasad, K. M., Reddy, A. R. M., & Rao, K. V. (2018). Ensemble classifiers with drift detection (ECDD) in traffic flow streams to detect DDOS attacks. Wireless Personal Communications, 99, 1639–1659.
Prasad, K. M., Reddy, A. R. M., & Rao, K. V. (2017). BIFAD: Bio-inspired anomaly based HTTP-flood attack detection. Wireless Personal Communications, 97(1), 281–308.
He, X., Papadopoulos, C., Heidemann, J., Mitra, U., & Riaz, U. (2009). Remote detection of bottleneck links using spectral and statistical methods. Computer Networks, 53(3), 279–298.
Chen, H., Gaska, T., Chen, Y., & Summerville, D. H. (2013). An optimized reconfigurable power spectral density converter for real-time shrew DDoS attacks detection. Journal of Computers & Electrical Engineering, 39(2), 295–308.
Hoque, N., Kashyap, H., & Bhattacharyya, D. K. (2017). Real-time DDoS attack detection using FPGA. Computer Communications, 110, 48–58.
Chen, Z., Yeo, C. K., Lee, B. S., & Lau, C. T. (2018). Power spectrum entropy based detection and mitigation of low-rate DoS attacks. Computer Networks, 136, 80–94.
Tang, D., Chen, K., Chen, X. S., Liu, H. Y., & Li, X. H. (2014). A new collaborative detection method for LDoS attacks. Journal of Networks, 9(10), 2674–2681.
Brynielsson, J., & Sharma, R. (2015). Detectability of low-rate HTTP server DoS attacks using spectral analysis. In IEEE/ACM international conference on advances in social networks analysis and mining (ASONAM), Paris, France. 25–28 August (pp. 954–961).
Tripathi, N., & Hubballi, N. (2018). Slow rate denial of service attacks against HTTP/2 and detection. Computers & Security, 72, 255–272.
Fouladi, R. F., Kayatas, C. E., & Anarim, E. (2016). Frequency based DDoS attack detection approach using naive Bayes classification. In IEEE 39th international conference on telecommunications and signal processing (TSP), Vienna, Austria, 27–29 June (pp. 104–107).
Cotae, P., Kang, M., & Velazquez, A. (2016). Spectral analysis of low rate of denial of service attacks detection based on fisher and Siegel tests. In IEEE international conference on communications (ICC), Kuala Lumpur, Malaysia. 22–27 May (pp. 1–6).
Liu, Z., Yin, X., & Lee, H. J. (2016). A new network flow grouping method for preventing periodic shrew DDoS attacks in cloud computing. In IEEE 18th international conference on advanced communication technology (ICACT), Pyeongchang, South Korea, 31 January–3 Febuary (pp. 66–69).
Kaur, G., Saxena, V., & Gupta, J. P. (2017). Detection of TCP targeted high bandwidth attacks using self-similarity. Journal of King Saud University-Computer and Information Sciences, 1–15.
Agrawal, N., & Tapaswi, S. (2018). Low rate cloud DDoS attack defense method based on power spectral density analysis. Information Processing Letters, 138, 44–50.
Chen, Y., & Hwang, K. (2006). Collaborative detection and filtering of shrew DDoS attacks using spectral analysis. Journal of Parallel and Distributed Computing, 66(9), 1137–1151.
Slowloris. https://github.com/gkbrk/slowloris.
Low Orbit Ion Canon. https://github.com/NewEraCracker/LOIC.
Hou, H. S. (1987). The fast Hartley transform algorithm. IEEE Transactions on Computers, 36(2), 147–156.
Peguero, K. A., Reza, A., & Ash-Rafzadeh, A. R. (1994). Spectral estimation using fast Hartley transform. In Proceedings of the IEEE 37th midwest symposium on circuits and systems, Lafayette, LA, USA, 3–5 August (pp. 838–840).
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Agrawal, N., Tapaswi, S. Detection of Low-Rate Cloud DDoS Attacks in Frequency Domain Using Fast Hartley Transform. Wireless Pers Commun 112, 1735–1762 (2020). https://doi.org/10.1007/s11277-020-07125-4
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-020-07125-4