Detecting DDoS attacks on the network edge: an information-theoretic correlation analysis Visa övriga samt affilieringar
2023 (Engelska) Ingår i: 2023 IEEE 22nd international conference on trust, security and privacy in computing and communications (TrustCom), IEEE, 2023, s. 485-494Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]
Nowadays, edge computing has become part of the Internet of Things (IoT) that plays a vital role in developing smart applications. As the usage of IoT devices significantly increases, at the same time, network edge infrastructure faces several security challenges. Distributed Denial-of-Service (DDoS) attack is one of the most severe threats to edge-cloud services. Therefore, designing a robust mitigating system is unavoidable for the network edge, and it must be able to recognize emerging attacks. This work proposes an anomaly-based DDoS detection approach that combines information-theoretic metrics and multivariate correlation analysis. The information-theoretic metric captures the randomness and complex nature of traffic behaviour. Similarly, multivariate correlation analysis identifies the relationship among traffic features. Combining information metrics and correlation analysis, we generate normal and attack traffic profiles for the training base to estimate density. The generated profiles build on the metrics including Triangle Area Mapping (TAM) with correlation analysis, Renyi's divergence, covariance, mean, and standard deviation, which enhances the detection performance of the proposed approach. The effectiveness of the proposed approach is evaluated using testbed and benchmark datasets. The results show that the proposed approach achieves 0.17% and 2.32%, and 0.50% higher accuracy compared to the baseline approaches on the testbed, UNSW and CIC-DDoS datasets, respectively.
Ort, förlag, år, upplaga, sidor IEEE, 2023. s. 485-494
Serie
IEEE International Conference on Trust, Security and Privacy in Computing and Communications, ISSN 2324-898X, E-ISSN 2324-9013
Nyckelord [en]
Correlation analysis, DDoS, Edge clouds, Information-theoretic triangle-MCA, Network edge
Nationell ämneskategori
Datavetenskap (datalogi)
Identifikatorer URN: urn:nbn:se:umu:diva-226457 DOI: 10.1109/TrustCom60117.2023.00080 Scopus ID: 2-s2.0-85195502532 ISBN: 9798350381993 (digital) ISBN: 9798350382006 (tryckt) OAI: oai:DiVA.org:umu-226457 DiVA, id: diva2:1877251
Konferens 22nd IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2023, Exeter, United Kingdom, November 1-3, 2023
Forskningsfinansiär Kempestiftelserna, SMK21-0061 Wallenberg AI, Autonomous Systems and Software Program (WASP) 2024-06-252024-06-252024-07-02 Bibliografiskt granskad