The International Arab Journal of Information Technology (IAJIT)


DoS and DDoS Attack Detection Using Deep Learning and IDS

In the recent years, Denial-of-Service (DoS) or Distributed Denial-of-Service (DDoS) attack has spread greatly and attackers make online systems unavailable to legitimate users by sending huge number of packets to the target system. In this paper, we proposed two methodologies to detect Distributed Reflection Denial of Service (DrDoS) attacks in IoT. The first methodology uses hybrid Intrusion Detection System (IDS) to detect IoT-DoS attack. The second methodology uses deep learning models, based on Long Short-Term Memory (LSTM) trained with latest dataset for such kinds of DrDoS. Our experimental results demonstrate that using the proposed methodologies can detect bad behaviour making the IoT network safe of Dos and DDoS attacks.

[1] Aamir M. and Zaidi S., “DDoS Attack Detection with Feature Engineering and Machine Learning: The Framework and Performance Evaluation,” International Journal of Information Security, vol. 18, no. 3, pp. 761-785, 2019.

[2] Alenezi M. and Reed M., “Denial of Service Detection through TCP Congestion Window Analysis,” in Proceedings of World Congress on Internet Security, London, pp. 145-150, 2013.

[3] Babatope L., Babatunde L., and Ayobami I., “Strategic Sensor Placement for Intrusion Detection in Network-Based IDS,” International Journal of Intelligent Systems and Applications, vol. 6, no. 2, pp. 61-68, 2014.

[4] Bahrololum M., Salahi E., and Khaleghi M., “Anomaly Intrusion Detection Design Using Hybrid of Unsupervised and Supervised Neural Network,” International Journal of Computer Networks and Communications, vol. 1, no. 2, pp. 26-33, 2009.

[5] Bhardwaj K., Miranda J., and Gavrilovska A., “Towards Iot-Ddos Prevention Using Edge Computing,” in Proceedings of USENIX Workshop on Hot Topics in Edge Computing, Boston, 2018.

[6] Bindra N. and Sood M., “Detecting DDoS Attacks Using Machine Learning Techniques and Contemporary Intrusion Detection Dataset,” Automatic Control and Computer Sciences, vol. 53, no. 5, pp. 419-428, 2019.

[7] Bostani H. and Sheikhan M., “Hybrid of Anomaly-Based and Specification-Based Ids for Internet of Things Using Unsupervised Opf Based on Mapreduce Approach,” Computer Communications, vol. 98, pp. 52-71, 2017.

[8] Cartlidge E., “The Internet of Things: From Hype to Reality,” Optics and Photonics News, vol. 28, no. 9, pp. 26-33, 2017.

[9] Chollet F., “Keras: Python Deep Learning Library,”, Last Visited, 2015.

[10] Dabbagh M. and Rayes A., “Internet of Things Security and Privacy,” in Internet of Things from Hype to Reality, 2017.

[11] Dalati I., “Towards More Enterprise Security for IoT,” enterprise-security-iot/, Last Visited, 2017.

[12] Doshi R., Apthorpe N., and Feamster N., “Machine Learning DDoS Detection for Consumer Internet of Things Devices,” in Proceedings of IEEE Security and Privacy Workshops, San Francisco, pp. 29-35, 2018. (7) DoS and DDoS Attack Detection Using Deep Learning and IDS 661

[13] Dubey S. and Dubey J., “KBB: A Hybrid Method for Intrusion Detection,” in Proceedings of International Conference on Computer, Communication and Control, Indore, pp. 1-6, 2015.

[14] Gangwar A. and Sahu S., “A Survey on Anomaly and Signature-Based Intrusion Detection System,” International Journal of Engineering Research and Applications, vol. 4, no. 4, pp. 67- 72, 2014.

[15] Ioulianou P., Vasilakis G., Moscholios I., and Logothetis M., “A Signature-based Intrusion Detection System for the Internet of Things,” in Proceedings of Information and Communication Technology Forum, Austria, pp. 1-6, 2018.

[16] Joshi S. and Kulkarni K., “Internet of Things: An Overview,” ISOR Journal of Computer Engineering, vol. 18, no. 4, pp. 117-121, 2016.

[17] Junhong L., “Detection of DDoS Attack Based on Dense Neural Networks, Autoencoders and Pearson Correlation Coefficient,” Master Thesis, Dalhousie University, 2020.

[18] Kiourkoulis S., “DDOS Datasets: Use of Machine Learning to Analyse Intrusion Detection Performance,” Master Thesis, Luleå University of Technology, Space Engineering, 2020.

[19] Pedregosa F., Varoquaux G., Gramfort A., Michel V., Thirion B., Grisel O., Blondel M., Prettenhofer P., Weiss R., Dubourg V., Vanderplas J., Passos A., Cournapeau D., Brucher M., Perrot M., and Duchesnay E., “Scikit-learn: Machine Learning in Python,” Journal of Machine Learning Research, vol. 12, no. 85, pp. 2825-2830, 2011.

[20] Razak T. and Salim I., “A Study on IDS for Preventing Denial of Service Attack Using Outliers’ Techniques,” in Proceedings of IEEE International Conference on Engineering and Technology, India, pp. 768-775, 2016.

[21] Sachdeva M, Singh G., Kumar K., and Singh K., “DDoS Incidents and Their Impact: A Review,” The International Arab Journal of Information Technology, vol. 7, no. 1, pp. 14-20, 2010.

[22] Scarfone K. and Mell P., “Guide to Intrusion Detection and Prevention Systems (IDPS),”NIST. No. Special Publication (NIST SP), 2007.

[23] SharafaldinI., Lashkari A., Hakak S., and Ghorbani A., “Developing Realistic Distributed Denial of Service (DDoS) Attack Dataset and Taxonomy,” in Proceedings of IEEE 53rd International Carnahan Conference on Security Technology, Chennai, pp. 1-8, 2019.

[24] Shurman M., Khrais R., and Yateem A., “IoT Denial-of-Service Attack Detection and Prevention Using Hybrid IDS,” in Proceedings of International Arab Conference on Information Technology, Alain, pp. 252-254, 2019.

[25] Tuan T., Long H., Son L., Kumar R., Priyadarshini I., and Son N., “Performance Evaluation of Botnet Ddos Attack Detection Using Machine Learning,” Evolutionary Intelligence, vol. 13, no. 2, pp. 283-294, 2020.

[26] Zekrifa D., “Hybrid Intrusion Detection System,” Master Thesis, University of South Australia, 2014. Mohammad Shurman received the B.Sc. degree in Electrical and Computer Engineering from Jordan University of Science and Technology, Irbid, Jordan, M.Sc. and Ph.D. degrees in Computer Engineering-Wireless Networks from University of Alabama-Huntsville (UAH) in 2000, 2003, and 2006, respectively. Presently he is with the Network Engineering and Security Department, Jordan University of Science and Technology, Irbid, Jordan. His research interests include wireless Ad hoc networks, security and key management of wireless networks, wireless sensor networks, network coding, wireless communication and mobile networks, software defined networks (SDN), cognitive radio, WiMAX, 4G and 5G technology and Blockchains. Rami Khrais received his B.Sc degree in computer science from Al- Balqa' Applied University, Jordan, in 2018. He is currently a graduate student in computer engineering at Jordan University of Science and Technology, Jordan. His research interests are in deep learning, machine learning and information security. Abdulrahman Yateem received his B.Sc degree in Information Technology from Ahlia University, Bahrain, in 2008. He is currently a graduate student in Network Engineering and Security at Jordan University of Science and Technology, Jordan. His research interests are in information warfare, network and information security.