Entropy Based Deep Attention Mechanism (EDAM) To Mitigate Denial of Service (Dos) Attack Orchestrated Through Idempotent Operation

Authors

  • S Vijayalakshmi Research Scholar, Department of Banking Technology, Pondicherry University, Pondicherry, India. Author
  • V Prasanna Venkatesan Professor, Department of Banking Technology, Pondicherry University, Pondicherry, India Author

Keywords:

Entropy, Denial of Service Attack, Deep Attention, Idempotent Operation

Abstract

Measuring entropy in a system represents  the degree of uncertainty that characterizes the smooth, free  and fair conduct of the network operations. The change in  quantum of entropy value raises an alarm of the  unscrupulous behavior in the vicinity of the network. The  continuous inspection of network characteristics and  internet flow profiling maintains a constant vigil of the  state, behavior and actions performed by the participating  hosts in the network. The traffic flow from the multiple  senders to either same/different receiver evinces a  significant entropy escalation trend as the network  composition at any timestamp is a rightful mixture of  quality transmission attributes like source IP address,  destination IP address, Sequence no. This suffers a setback  when the senders camouflaging as legitimate ones tries to  fool the network administrators of the impending threat viz.  DoS (Denial of Service) attack that the adversary may wish  to coordinate via an idempotent HTTP Get Request  operation. A request method is considered idempotent if the  intended effect on the destination server with multiple  identical requests is the same as the effect for a single such  request. It produces the same result when executed over and  over again. This ambiguous request operation directed from  multiple/single sender to the intended receiver generates a  broadcast storm that dampens the network services to the  core. The ability of the idempotent nature is to generate as  many genuine requests as possible and swamp the receiver  with HTTP Get request packets. The receiver believes that  the same host connection metric per flow count is generated  by multiple senders but the reality is reverse. The proposed  solution to this problem is to aggregate and maintain a time  stamp based and granular based flow attributes reserved for  future entropy synchronization at several intermediate  routers which will serve as evaluation checkpoints for the  receiver. This Entropy based Deep Attention Mechanism  (EDAM) coupled with DES (Deferred Entropy  Synchronization) acts as a determinant for receiver to  perform multi-level cross verification at different time  instants and perform deferred synchronization with the  reserved values. The performance of this deep attention based entropy synchronization approach witness a deep  spike in prediction accuracy and this is plotted with no. of  idempotent attackers in the x axis and the improved  accuracy in Y axis.

Downloads

Download data is not yet available.

References

Wang, M., Lu, Y., Qin, J., “A dynamic MLP-based DDoS attack detection method using feature selection and feedback”, Elsevier, Computers and Security (88), 2020.

Kaur, P., Kumar, M., Bhandari, A., “A review of detection approaches for distributed denial of service attacks”, Systems Science & Control Engineering, pp. 301-320, DOI: 10.1080/21642583.2017.1331768.

Aamir, M., Mustafa,S., “ DDoS attack detection with feature engineering and machine learning: the framework and performance evaluation”, International Journal of Information Security (2019) pp. 761–785 https://doi.org/10.1007/s10207- 019-00434-1, Springer Nature 2019.

Corin, R.D., Millar, S., Hayward, S.S., Rincon, M., Siracusa, D., “LUCID: A Practical, Lightweight Deep Learning Solution for DDoS Attack Detection” IEEE Transactions on Network and Service Management, t

David, J., Thomas, C.,” DDoS Attack Detection using Fast Entropy Approach on Flow Based Network Traffic”, 2nd International Symposium on Big Data and Cloud Computing (ISBCC’15)

Singh, K.J., Thongam, K., De, T., “Entropy-Based Application Layer DDoS Attack Detection Using Artificial Networks”, MDPI, Entropy 2016, 18, 350; [7] Tritilanunt, S., Sivakorn, S., Juengjincharoen, C., Siripornpisan, A., “Entropy-based Input-Output Traffic Mode

Detection Scheme for DoS/DDoS Attacks”, 978-1-4244- 7010-5/10/2010 IEEE

Basicevic, I., Ocavaj, S., Popovic, M., “Evaluation of entropy-based detection of outbound denial-of-service attacks in edge networks”, Security and Communication Networks, Security Comm. Networks 2015; pp. 837–844,

Khan, S., Gani, A., Wahab, A.W.A. et al. Feature Selection of Denial-of-Service Attacks Using Entropy and Granular Computing. Arab J Sci Eng 43, 499–508 (2018). https://doi.org/10.1007/s13369-017-2634-8

Gupta, A. (2018). Distributed Denial of Service Attack Detection Using a Machine Learning Approach (Unpublished master's thesis). University of Calgary, Calgary, AB doi:10.11575/PRISM/32797

Idhammad, M., Afdel, K., Belouch, M., “ Detection System of HTTP DDoS Attacks in a Cloud Environment Based on Information Theoretic Entropy and Random Forest”, Security and Communication Networks Volume 2018, https://doi.org/10.1155/2018/1263123

Nayaz, A.S.Syed, Sangeetha, V., Prabhadevi, C., “Entropy based Anomaly Detection System to Prevent DDoS Attacks in Cloud”, International Journal of Computer Applications (0975 – 8887) Volume 62– No.15, January 2013.

Altaher, A., Ramadass, S., Almomani, A., “Real Time Network Anomaly Detection Using Relative Entropy”, 978- 1-4577-1169-5/11/$26.00 ©2011 IEEE

Ujjan, R.M.A., Zeeshan Pervez, Z., Dahal, K., Khan, W.A., Khattak, A.M., Hayat, B., “Entropy Based Features Distribution for Anti-DDoS Model in SDN”, Sustainability 2021, 13, 1522. https://doi.org/10.3390/su13031522 https://www.mdpi.com/journal/sustainability.

https://wiki.pathmind.com/attention-mechanism-memory network

https://blog.floydhub.com/attention-mechanism/ [17] Kim, K., Aminanto, M.E., “Deep Learning in Intrusion Detection Perspective: Overview and Further Challenges”, IWBIS 2017 978-1-5386-2038-0/17/$31.00 c 2017 IEEE [18] https://tools.ietf.org/id/draft-idempotency-header-00.html

Downloads

Published

2021-03-30

Issue

Vol. 9 No. 2 (2021): International Journal of Innovative Research in Computer Science and Technology (Mar) 2021

Section

Articles

How to Cite

Entropy Based Deep Attention Mechanism (EDAM) To Mitigate Denial of Service (Dos) Attack Orchestrated Through Idempotent Operation . (2021). International Journal of Innovative Research in Computer Science & Technology, 9(2), 72–78. Retrieved from https://acspublisher.com/journals/index.php/ijircst/article/view/11568