Advertisement

Denial of Service Attacks: Detecting the Frailties of Machine Learning Algorithms in the Classification Process

  • Ivo Frazão
  • Pedro Henriques Abreu
  • Tiago Cruz
  • Hélder Araújo
  • Paulo Simões
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11260)

Abstract

Denial of Service attacks, which have become commonplace on the Information and Communications Technologies domain, constitute a class of threats whose main objective is to degrade or disable a service or functionality on a target. The increasing reliance of Cyber-Physical Systems upon these technologies, together with their progressive interconnection with other infrastructure and/or organizational domains, has contributed to increase their exposure to these attacks, with potentially catastrophic consequences. Despite the potential impact of such attacks, the lack of generality regarding the related works in the attack prevention and detection fields has prevented its application in real-world scenarios. This paper aims at reducing that effect by analyzing the behavior of classification algorithms with different dataset characteristics.

Keywords

Denial of Service attacks Intrusion detection systems Classifier performance 

Notes

Acknowledgements

This work was supported by the ATENA European H2020 Project (H2020-DS-2015-1 Project 700581).

References

  1. 1.
    Humayed, A., Lin, J., Li, F., Luo, B.: Cyber-physical systems security: a survey. IEEE Internet Things J. 4(6), 1802–1831 (2017).  https://doi.org/10.1109/JIOT.2017.2703172CrossRefGoogle Scholar
  2. 2.
    Zargar, S.T., Joshi, J., Tipper, D.: A survey of defense mechanisms against distributed denial of service (DDOS) flooding attacks. IEEE Commun. Surv. Tutor. 15(4), 2046–2069 (2013).  https://doi.org/10.1109/SURV.2013.031413.00127CrossRefGoogle Scholar
  3. 3.
    Sabhnani, M., Serpen, G., More, K.K.: Application of machine learning algorithms to KDD intrusion detection dataset within misuse detection context. In: Proceedings of International Conference on Machine Learning: Models, Technologies, and Applications (MLMTA), January 2003, pp. 209–215 (2003). http://dl.acm.org/citation.cfm?id=1293805.1293811
  4. 4.
    Osanaiye, O., Cai, H., Choo, K.K.R., Dehghantanha, A., Xu, Z., Dlodlo, M.: Ensemble-based multi-filter feature selection method for DDoS detection in cloud computing. Eurasip J. Wirel. Commun. Netw. 2016(1), 130 (2016).  https://doi.org/10.1186/s13638-016-0623-3CrossRefGoogle Scholar
  5. 5.
    Su, M.Y.: Real-time anomaly detection systems for Denial-of-Service attacks by weighted k-nearest-neighbor classifiers. Expert Syst. Appl. 38(4), 3492–3498 (2011).  https://doi.org/10.1016/j.eswa.2010.08.137CrossRefGoogle Scholar
  6. 6.
    Goldenberg, N., Wool, A.: Accurate modeling of Modbus/TCP for intrusion detection in SCADA systems. Int. J. Crit. Infrastruct. Prot. 6(2), 63–75 (2013).  https://doi.org/10.1016/j.ijcip.2013.05.001CrossRefGoogle Scholar
  7. 7.
    Yoon, M., Ciocarlie, G.F.: Communication pattern monitoring : improving the utility of anomaly detection for industrial control systems. SENT 14(February), 110 (2014).  https://doi.org/10.14722/sent.2014.23012CrossRefGoogle Scholar
  8. 8.
    Erez, N., Wool, A.: Control variable classification, modeling and anomaly detection in Modbus/TCP SCADA systems. Int. J. Crit. Infrastruct. Prot. 10, 59–70 (2015).  https://doi.org/10.1016/j.ijcip.2015.05.001CrossRefGoogle Scholar
  9. 9.
    Markovic-Petrovic, J.D., Stojanovic, M.D.: Analysis of SCADA system vulnerabilities to DDoS attacks. In: 11th International Conference on Telecommunications in Modern Satellite, Cable and Broadcasting Services, TELSIKS 2013, vol. 2, pp. 591–594 (2013).  https://doi.org/10.1109/TELSKS.2013.6704448
  10. 10.
    Kalluri, R., Mahendra, L., Kumar, R.K.S., Prasad, G.L.G.: Simulation and impact analysis of denial-of-service attacks on power SCADA. In: National Power Systems Conference, NPSC 2016, vol. 1 (2017).  https://doi.org/10.1109/NPSC.2016.7858908
  11. 11.
    Hink, R.C.B., Beaver, J.M., Buckner, M.A., Morris, T., Adhikari, U., Pan, S.: Machine learning for power system disturbance and cyber-attack discrimination. In: 7th International Symposium on Resilient Control Systems, ISRCS 2014 (2014).  https://doi.org/10.1109/ISRCS.2014.6900095

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Ivo Frazão
    • 1
  • Pedro Henriques Abreu
    • 1
  • Tiago Cruz
    • 1
  • Hélder Araújo
    • 2
  • Paulo Simões
    • 1
  1. 1.Centre of Informatics and Systems, Department of Informatics EngineeringUniversity of CoimbraCoimbraPortugal
  2. 2.Institute for Systems and Robotics, Department of Electrical and Computer EngineeringUniversity of CoimbraCoimbraPortugal

Personalised recommendations