An Adaptive Protection of Flooding Attacks Model for Complex Network Environments
Autonomous agents; Complex networks; Computational methods; Floods; Internet protocols; Network layers; Network security; Statistical tests; Adaptive protection; Denial of Service; Distributed denial of service; Network applications; Network environments; Potential targets; Simulation systems; Traff...
Saved in:
Main Authors: | , , , , , , , , |
---|---|
Other Authors: | |
Format: | Article |
Published: |
Hindawi Limited
2023
|
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my.uniten.dspace-26547 |
---|---|
record_format |
dspace |
spelling |
my.uniten.dspace-265472023-05-29T17:11:48Z An Adaptive Protection of Flooding Attacks Model for Complex Network Environments Khalaf B.A. Mostafa S.A. Mustapha A. Mohammed M.A. Mahmoud M.A. Al-Rimy B.A.S. Abd Razak S. Elhoseny M. Marks A. 57205359430 37036085800 57200530694 57192089894 55247787300 57200494876 57202120585 57148260400 24759128700 Autonomous agents; Complex networks; Computational methods; Floods; Internet protocols; Network layers; Network security; Statistical tests; Adaptive protection; Denial of Service; Distributed denial of service; Network applications; Network environments; Potential targets; Simulation systems; Traffic intensity; Denial-of-service attack Currently, online organizational resources and assets are potential targets of several types of attack, the most common being flooding attacks. We consider the Distributed Denial of Service (DDoS) as the most dangerous type of flooding attack that could target those resources. The DDoS attack consumes network available resources such as bandwidth, processing power, and memory, thereby limiting or withholding accessibility to users. The Flash Crowd (FC) is quite similar to the DDoS attack whereby many legitimate users concurrently access a particular service, the number of which results in the denial of service. Researchers have proposed many different models to eliminate the risk of DDoS attacks, but only few efforts have been made to differentiate it from FC flooding as FC flooding also causes the denial of service and usually misleads the detection of the DDoS attacks. In this paper, an adaptive agent-based model, known as an Adaptive Protection of Flooding Attacks (APFA) model, is proposed to protect the Network Application Layer (NAL) against DDoS flooding attacks and FC flooding traffics. The APFA model, with the aid of an adaptive analyst agent, distinguishes between DDoS and FC abnormal traffics. It then separates DDoS botnet from Demons and Zombies to apply suitable attack handling methodology. There are three parameters on which the agent relies, normal traffic intensity, traffic attack behavior, and IP address history log, to decide on the operation of two traffic filters. We test and evaluate the APFA model via a simulation system using CIDDS as a standard dataset. The model successfully adapts to the simulated attack scenarios' changes and determines 303,024 request conditions for the tested 135,583 IP addresses. It achieves an accuracy of 0.9964, a precision of 0.9962, and a sensitivity of 0.9996, and outperforms three tested similar models. In addition, the APFA model contributes to identifying and handling the actual trigger of DDoS attack and differentiates it from FC flooding, which is rarely implemented in one model. � 2021 Bashar Ahmad Khalaf et al. Final 2023-05-29T09:11:48Z 2023-05-29T09:11:48Z 2021 Article 10.1155/2021/5542919 2-s2.0-85105362658 https://www.scopus.com/inward/record.uri?eid=2-s2.0-85105362658&doi=10.1155%2f2021%2f5542919&partnerID=40&md5=e35d7a1138f19acf49c617ad593bb5fe https://irepository.uniten.edu.my/handle/123456789/26547 2021 5542919 All Open Access, Gold Hindawi Limited Scopus |
institution |
Universiti Tenaga Nasional |
building |
UNITEN Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Tenaga Nasional |
content_source |
UNITEN Institutional Repository |
url_provider |
http://dspace.uniten.edu.my/ |
description |
Autonomous agents; Complex networks; Computational methods; Floods; Internet protocols; Network layers; Network security; Statistical tests; Adaptive protection; Denial of Service; Distributed denial of service; Network applications; Network environments; Potential targets; Simulation systems; Traffic intensity; Denial-of-service attack |
author2 |
57205359430 |
author_facet |
57205359430 Khalaf B.A. Mostafa S.A. Mustapha A. Mohammed M.A. Mahmoud M.A. Al-Rimy B.A.S. Abd Razak S. Elhoseny M. Marks A. |
format |
Article |
author |
Khalaf B.A. Mostafa S.A. Mustapha A. Mohammed M.A. Mahmoud M.A. Al-Rimy B.A.S. Abd Razak S. Elhoseny M. Marks A. |
spellingShingle |
Khalaf B.A. Mostafa S.A. Mustapha A. Mohammed M.A. Mahmoud M.A. Al-Rimy B.A.S. Abd Razak S. Elhoseny M. Marks A. An Adaptive Protection of Flooding Attacks Model for Complex Network Environments |
author_sort |
Khalaf B.A. |
title |
An Adaptive Protection of Flooding Attacks Model for Complex Network Environments |
title_short |
An Adaptive Protection of Flooding Attacks Model for Complex Network Environments |
title_full |
An Adaptive Protection of Flooding Attacks Model for Complex Network Environments |
title_fullStr |
An Adaptive Protection of Flooding Attacks Model for Complex Network Environments |
title_full_unstemmed |
An Adaptive Protection of Flooding Attacks Model for Complex Network Environments |
title_sort |
adaptive protection of flooding attacks model for complex network environments |
publisher |
Hindawi Limited |
publishDate |
2023 |
_version_ |
1806426467150594048 |
score |
13.211869 |