Insights into attacks’ progression: Prediction of spatio-temporal behavior of DDoS attacks

Ahmed Abusnaina, Mohammed Abuhamad, Dae Hun Nyang, Songqing Chen, An Wang, David Mohaisen

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

DDoS attacks are an immense threat to online services, and numerous studies have been done to detect and defend against them. DDoS attacks, however, are becoming more sophisticated and launched with different purposes, making the detection and instant defense as important as analyzing the behavior of the attack during and after it takes place. Studying and modeling the Spatio-temporal evolvement of DDoS attacks is essential to predict, assess, and combat the problem, since recent studies have shown the emergence of wider and more powerful adversaries. This work aims to model seven Spatio-temporal behavioral characteristics of DDoS attacks, including the attack magnitude, the adversaries’ botnet information, and the attack’s source locality down to the organization. We leverage four state-of-the-art deep learning methods to construct an ensemble of models to capture and predict behavioral patterns of the attack. The proposed ensemble operates in two frequencies, hourly and daily, to actively model and predict the attack behavior and evolvement, and oversee the effect of implementing a defense mechanism.

Original languageEnglish
Title of host publicationInformation Security Applications - 21st International Conference, WISA 2020, Revised Selected Papers
EditorsIlsun You
PublisherSpringer Science and Business Media Deutschland GmbH
Pages362-374
Number of pages13
ISBN (Print)9783030652982
DOIs
StatePublished - 2020
Event21st International Conference on Information Security Applications, WISA 2020 - Jeju Island, Korea, Republic of
Duration: 26 Aug 202028 Aug 2020

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12583 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference21st International Conference on Information Security Applications, WISA 2020
Country/TerritoryKorea, Republic of
CityJeju Island
Period26/08/2028/08/20

Bibliographical note

Funding Information:
Acknowledgement. This work was supported by NRF grant 2016K1A1A2912757, NIST grant 70NANB18H272, and NSF grant CNS-1524462 (S. Chen), and by the Institute for Smart, Secure and Connected Systems at CWRU (A. Wang).

Publisher Copyright:
© Springer Nature Switzerland AG 2020.

Keywords

  • DDoS Attacks Prediction
  • Deep learning

Fingerprint

Dive into the research topics of 'Insights into attacks’ progression: Prediction of spatio-temporal behavior of DDoS attacks'. Together they form a unique fingerprint.

Cite this