Skip to main content
SpringerLink
Log in

Detection of Low-Rate Cloud DDoS Attacks in Frequency Domain Using Fast Hartley Transform

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Distributed Denial-of-Service (DDoS) attack has been a serious threat to the availability feature of cloud computing. As traditional DDoS attacks are implemented using a huge volume of malicious traffic, the detection of such attacks becomes a naive task. To evade this detection, attackers are moving towards the Low-Rate DDoS (LRDDoS) attacks. The stealthy behavior of LRDDoS attack makes it difficult to get detected due to its low volume traffic. The existing frequency-domain approaches for LRDDoS detection are not feasible in terms of computational and storage requirements. This paper aims to propose a lightweight, accurate, and adaptive approach for the detection of LRDDoS attacks in frequency-domain. In this paper, the LRDDoS attack is detected by analyzing the power spectral distribution. The novelty of the proposed approach is to calculate the power spectral density using Fast Hartley Transform (FHT). The FHT processes real-valued input data, and has low computational and storage complexities. The approach is implemented on OpenStack cloud platform, and the aggregate network traffic (external and internal) is captured and analyzed. Experimental results show that the computational and storage complexities involved in FHT are lower than other transformation algorithms’ complexities. Thus, the approach provides faster response with an average detection time of 60.16 s. The average true negative and true positive rates obtained by the proposed approach are 99.83% and 99.46% respectively, which are competitive.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Adapted from [37]

Fig. 7
Fig. 8
Fig. 9

Adapted from [38]

Fig. 10

Similar content being viewed by others

References

  1. Khan, M. A. (2016). A survey of security issues for cloud computing. Journal of Network and Computer Applications, 71, 11–29.

    Google Scholar 

  2. Agrawal, N., & Tapaswi, S. (2017). Defense schemes for variants of distributed denial-of-service (DDoS) attacks in cloud computing: A survey. Information Security Journal: A Global Perspective, 26(2), 61–73.

    Google Scholar 

  3. Agrawal, N., & Tapaswi, S. (2019). Defense mechanisms against DDoS attacks in a cloud computing environment: State-of-the-art and research challenges. IEEE Communications Surveys & Tutorials, 21(4), 1–27.

    Google Scholar 

  4. Chen, Y., Hwang, K., & Ku, W. S. (2007). Collaborative detection of DDoS attacks over multiple network domains. IEEE Transactions on Parallel and Distributed Systems, 18(12), 1649–1662.

    Google Scholar 

  5. Yan, Q., Yu, F. R., Gong, Q., & Li, J. (2016). Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues, and challenges. IEEE Communications Surveys & Tutorials, 18(1), 602–622.

    Google Scholar 

  6. Shameli-Sendi, A., Mourzandi, M., Fekih-Ahmed, M., & Cheriet, M. (2015). Taxonomy of distributed denial of service mitigation approaches for cloud computing. Journal of Network and Computer Applications, 58, 165–179.

    Google Scholar 

  7. Xiang, Y., Li, K., & Zhou, W. (2011). Low rate DDoS attack detection and traceback by using new information metrics. IEEE Transaction on Information Forensics and Security, 6(2), 426–437.

    Google Scholar 

  8. Agrawal, N., & Tapaswi, S. (2017). A lightweight approach to detect the low/high rate IP spoofed cloud DDoS attacks. In IEEE 7th international symposium on cloud and service computing (SC2’17), Kanazawa, Japan, 22–25 November 2017 (pp. 118–123).

  9. Luo, J., Yang, X., Wang, J., Xu, J., Sun, J., & Long, K. (2014). On a mathematical model for low-rate shrew DDoS. IEEE Transactions on Information Forensics and Security, 9(7), 1069–1083.

    Google Scholar 

  10. Guirguis, M. (2007). Reduction-of-quality attacks on adaptation mechanisms. Boston: Boston University.

    Google Scholar 

  11. Fernandez, G. M., Diaz-Verdejo, J. E., & Garcia-Teodoro, P. (2009). Mathematical model for low rate DoS attacks against application servers. IEEE Transactions on Information Forensics and Security, 4(3), 519–529.

    Google Scholar 

  12. Baig, Z. A., Sait, S. M., & Binbeshr, F. (2016). Controlled access to cloud resources for mitigating economic denial of sustainability (EDoS) attacks. Computer Networks, 97, 31–47.

    Google Scholar 

  13. Le-Ngoc, T., & Vo, M. T. (1989). Implementation and performance of the fast Hartley transform. IEEE Micro, 9(5), 20–27.

    Google Scholar 

  14. Lonea, A. M., Popescu, D. E., Prostean, O., & Tianfield, H. (2013). Evaluation of experiments on detecting distributed denial of service (DDoS) attacks in eucalyptus private cloud. Advances in Intelligent Systems and Computing, 195, 367–379.

    Google Scholar 

  15. Mishra, P., Varadharajan, V., Pilli, E., & Tupakula, U. (2018). VMGuard: A VMI-based security architecture for intrusion detection in cloud environment. IEEE Transactions on Cloud Computing, 6(3), 1–14.

    Google Scholar 

  16. Dou, W., Chen, Q., & Chen, J. (2013). A confidence-based filtering method for DDoS attack defense in cloud environment. Future Generation Computer System, 29(7), 1838–1850.

    Google Scholar 

  17. Negi, P., Mishra, A., & Gupta, B. B. (2013). Enhanced CBF packet filtering method to detect DDoS attack in cloud computing environment. International Journal of Computer Science Issues, 2(4), 142–146.

    Google Scholar 

  18. Zakarya, M. (2013). DDoS verification and attack packet dropping algorithm in cloud computing. Journal of World Applied Sciences, 23(11), 1418–1424.

    Google Scholar 

  19. Osanaiye, O., Cai, H., Choo, K. K. R., Dehghantanha, A., Xu, Z., & Dlodlo, M. (2016). Ensemble-based multi-filter feature selection method for DDoS detection in cloud computing. EURASIP Journal on Wireless Communications and Networking, 1, 130–139.

    Google Scholar 

  20. Prasad, K. M., Reddy, A. R. M., & Rao, K. V. (2018). Ensemble classifiers with drift detection (ECDD) in traffic flow streams to detect DDOS attacks. Wireless Personal Communications, 99, 1639–1659.

    Google Scholar 

  21. Prasad, K. M., Reddy, A. R. M., & Rao, K. V. (2017). BIFAD: Bio-inspired anomaly based HTTP-flood attack detection. Wireless Personal Communications, 97(1), 281–308.

    Google Scholar 

  22. He, X., Papadopoulos, C., Heidemann, J., Mitra, U., & Riaz, U. (2009). Remote detection of bottleneck links using spectral and statistical methods. Computer Networks, 53(3), 279–298.

    MATH  Google Scholar 

  23. Chen, H., Gaska, T., Chen, Y., & Summerville, D. H. (2013). An optimized reconfigurable power spectral density converter for real-time shrew DDoS attacks detection. Journal of Computers & Electrical Engineering, 39(2), 295–308.

    Google Scholar 

  24. Hoque, N., Kashyap, H., & Bhattacharyya, D. K. (2017). Real-time DDoS attack detection using FPGA. Computer Communications, 110, 48–58.

    Google Scholar 

  25. Chen, Z., Yeo, C. K., Lee, B. S., & Lau, C. T. (2018). Power spectrum entropy based detection and mitigation of low-rate DoS attacks. Computer Networks, 136, 80–94.

    Google Scholar 

  26. Tang, D., Chen, K., Chen, X. S., Liu, H. Y., & Li, X. H. (2014). A new collaborative detection method for LDoS attacks. Journal of Networks, 9(10), 2674–2681.

    Google Scholar 

  27. Brynielsson, J., & Sharma, R. (2015). Detectability of low-rate HTTP server DoS attacks using spectral analysis. In IEEE/ACM international conference on advances in social networks analysis and mining (ASONAM), Paris, France. 25–28 August (pp. 954–961).

  28. Tripathi, N., & Hubballi, N. (2018). Slow rate denial of service attacks against HTTP/2 and detection. Computers & Security, 72, 255–272.

    Google Scholar 

  29. Fouladi, R. F., Kayatas, C. E., & Anarim, E. (2016). Frequency based DDoS attack detection approach using naive Bayes classification. In IEEE 39th international conference on telecommunications and signal processing (TSP), Vienna, Austria, 27–29 June (pp. 104–107).

  30. Cotae, P., Kang, M., & Velazquez, A. (2016). Spectral analysis of low rate of denial of service attacks detection based on fisher and Siegel tests. In IEEE international conference on communications (ICC), Kuala Lumpur, Malaysia. 22–27 May (pp. 1–6).

  31. Liu, Z., Yin, X., & Lee, H. J. (2016). A new network flow grouping method for preventing periodic shrew DDoS attacks in cloud computing. In IEEE 18th international conference on advanced communication technology (ICACT), Pyeongchang, South Korea, 31 January–3 Febuary (pp. 66–69).

  32. Kaur, G., Saxena, V., & Gupta, J. P. (2017). Detection of TCP targeted high bandwidth attacks using self-similarity. Journal of King Saud University-Computer and Information Sciences, 1–15.

  33. Agrawal, N., & Tapaswi, S. (2018). Low rate cloud DDoS attack defense method based on power spectral density analysis. Information Processing Letters, 138, 44–50.

    MathSciNet  MATH  Google Scholar 

  34. Chen, Y., & Hwang, K. (2006). Collaborative detection and filtering of shrew DDoS attacks using spectral analysis. Journal of Parallel and Distributed Computing, 66(9), 1137–1151.

    MATH  Google Scholar 

  35. Slowloris. https://github.com/gkbrk/slowloris.

  36. Low Orbit Ion Canon. https://github.com/NewEraCracker/LOIC.

  37. Hou, H. S. (1987). The fast Hartley transform algorithm. IEEE Transactions on Computers, 36(2), 147–156.

    MATH  Google Scholar 

  38. Peguero, K. A., Reza, A., & Ash-Rafzadeh, A. R. (1994). Spectral estimation using fast Hartley transform. In Proceedings of the IEEE 37th midwest symposium on circuits and systems, Lafayette, LA, USA, 3–5 August (pp. 838–840).

Download references

Author information

Authors and Affiliations

  1. Department of Virtualization, School of Computer Science, University of Petroleum and Energy Studies, Dehradun, Uttrakhand, India

    Neha Agrawal

  2. ABV- Indian Institute of Information Technology and Management, Gwalior, India

    Shashikala Tapaswi

Authors
  1. Neha Agrawal
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shashikala Tapaswi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Neha Agrawal.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Agrawal, N., Tapaswi, S. Detection of Low-Rate Cloud DDoS Attacks in Frequency Domain Using Fast Hartley Transform. Wireless Pers Commun 112, 1735–1762 (2020). https://doi.org/10.1007/s11277-020-07125-4

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-020-07125-4

Keywords

Search

Navigation