Detection of DDoS attacks in D2D communications using machine learning approach
In device-to-device (D2D) communications, distributed Denial-of-Service (DDoS) attacks can be quite detrimental because it can result in network structure destruction. Towards this end, the research objective of this paper is to identify and prevent DDoS and Denial-of-Service (DoS) attacks (i.e., SY...
Saved in:
Published in: | Computer communications Vol. 198; pp. 32 - 51 |
---|---|
Main Authors: | , , , , , , , , |
Format: | Journal Article |
Language: | English |
Published: |
Elsevier B.V
15-01-2023
|
Subjects: | |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | In device-to-device (D2D) communications, distributed Denial-of-Service (DDoS) attacks can be quite detrimental because it can result in network structure destruction. Towards this end, the research objective of this paper is to identify and prevent DDoS and Denial-of-Service (DoS) attacks (i.e., SYN, Slowloris) in a D2D communication environment. Specifically, by replicating a real-world scenario, we emulate SLowloris attacks in a D2D communication network and generate a D2D Network-specific Slowloris dataset. This dataset along with the CICDDoS2019 dataset was then used to train our proposed Machine learning (ML) model that aids in the detection and prevention of DDoS attacks (Slowloris and SYN) in the considered D2D framework. The whole process of how to construct an emulation network for D2D communication and test it against a variety of attacks and implementations is also demonstrated in the paper. To quantify the detection accuracy in the context of DDoS and DoS attacks, we use various ML algorithms such as Random Forest, Light GBM, XGBoost, and Ada Boost and study their performance with the aid of extensive emulation. The results collected revealed that both Slowloris and CICDDoS2019 datasets achieve greater accuracy with Random Forest. Consequently, the results compel us to develop a technique for combining the identification of DDoS and DoS attacks in binary classification Random Forests with the binary decision. The proposed technique has been evaluated and compared with other related approaches in the open literature demonstrating significant performance in terms of identification and prevention time, processing and memory resources required, and device battery consumption, without affecting the accuracy of the attack identification. Hence, we advocate that our proposed technique can be extremely beneficial in preventing DDoS and DoS attacks in a D2D communication environment, where its lifetime and capabilities are mainly associated with the resources of the D2D device (i.e., CPU, Memory, and battery life). |
---|---|
ISSN: | 0140-3664 1873-703X |
DOI: | 10.1016/j.comcom.2022.11.013 |