Insights into attacks’ progression: Prediction of spatio-temporal behavior of DDoS attacks

Ahmed Abusnaina; Mohammed Abuhamad; Dae Hun Nyang; Songqing Chen; An Wang; David Mohaisen

doi:10.1007/978-3-030-65299-9_27

Insights into attacks’ progression: Prediction of spatio-temporal behavior of DDoS attacks

Ahmed Abusnaina, Mohammed Abuhamad, Dae Hun Nyang, Songqing Chen, An Wang, David Mohaisen

Department of Cyber Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

DDoS attacks are an immense threat to online services, and numerous studies have been done to detect and defend against them. DDoS attacks, however, are becoming more sophisticated and launched with different purposes, making the detection and instant defense as important as analyzing the behavior of the attack during and after it takes place. Studying and modeling the Spatio-temporal evolvement of DDoS attacks is essential to predict, assess, and combat the problem, since recent studies have shown the emergence of wider and more powerful adversaries. This work aims to model seven Spatio-temporal behavioral characteristics of DDoS attacks, including the attack magnitude, the adversaries’ botnet information, and the attack’s source locality down to the organization. We leverage four state-of-the-art deep learning methods to construct an ensemble of models to capture and predict behavioral patterns of the attack. The proposed ensemble operates in two frequencies, hourly and daily, to actively model and predict the attack behavior and evolvement, and oversee the effect of implementing a defense mechanism.

Original language	English
Title of host publication	Information Security Applications - 21st International Conference, WISA 2020, Revised Selected Papers
Editors	Ilsun You
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	362-374
Number of pages	13
ISBN (Print)	9783030652982
DOIs	https://doi.org/10.1007/978-3-030-65299-9_27
State	Published - 2020
Event	21st International Conference on Information Security Applications, WISA 2020 - Jeju Island, Korea, Republic of Duration: 26 Aug 2020 → 28 Aug 2020

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	12583 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	21st International Conference on Information Security Applications, WISA 2020
Country/Territory	Korea, Republic of
City	Jeju Island
Period	26/08/20 → 28/08/20

Bibliographical note

Funding Information:
Acknowledgement. This work was supported by NRF grant 2016K1A1A2912757, NIST grant 70NANB18H272, and NSF grant CNS-1524462 (S. Chen), and by the Institute for Smart, Secure and Connected Systems at CWRU (A. Wang).

Publisher Copyright:
© Springer Nature Switzerland AG 2020.

Keywords

DDoS Attacks Prediction
Deep learning

Access to Document

10.1007/978-3-030-65299-9_27

Cite this

Abusnaina, A., Abuhamad, M., Nyang, D. H., Chen, S., Wang, A., & Mohaisen, D. (2020). Insights into attacks’ progression: Prediction of spatio-temporal behavior of DDoS attacks. In I. You (Ed.), Information Security Applications - 21st International Conference, WISA 2020, Revised Selected Papers (pp. 362-374). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12583 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-65299-9_27

Abusnaina, Ahmed ; Abuhamad, Mohammed ; Nyang, Dae Hun et al. / Insights into attacks’ progression : Prediction of spatio-temporal behavior of DDoS attacks. Information Security Applications - 21st International Conference, WISA 2020, Revised Selected Papers. editor / Ilsun You. Springer Science and Business Media Deutschland GmbH, 2020. pp. 362-374 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{e01e05a283924e2e9110fe66c609eec8,

title = "Insights into attacks{\textquoteright} progression: Prediction of spatio-temporal behavior of DDoS attacks",

abstract = "DDoS attacks are an immense threat to online services, and numerous studies have been done to detect and defend against them. DDoS attacks, however, are becoming more sophisticated and launched with different purposes, making the detection and instant defense as important as analyzing the behavior of the attack during and after it takes place. Studying and modeling the Spatio-temporal evolvement of DDoS attacks is essential to predict, assess, and combat the problem, since recent studies have shown the emergence of wider and more powerful adversaries. This work aims to model seven Spatio-temporal behavioral characteristics of DDoS attacks, including the attack magnitude, the adversaries{\textquoteright} botnet information, and the attack{\textquoteright}s source locality down to the organization. We leverage four state-of-the-art deep learning methods to construct an ensemble of models to capture and predict behavioral patterns of the attack. The proposed ensemble operates in two frequencies, hourly and daily, to actively model and predict the attack behavior and evolvement, and oversee the effect of implementing a defense mechanism.",

keywords = "DDoS Attacks Prediction, Deep learning",

author = "Ahmed Abusnaina and Mohammed Abuhamad and Nyang, {Dae Hun} and Songqing Chen and An Wang and David Mohaisen",

note = "Funding Information: Acknowledgement. This work was supported by NRF grant 2016K1A1A2912757, NIST grant 70NANB18H272, and NSF grant CNS-1524462 (S. Chen), and by the Institute for Smart, Secure and Connected Systems at CWRU (A. Wang). Publisher Copyright: {\textcopyright} Springer Nature Switzerland AG 2020.; 21st International Conference on Information Security Applications, WISA 2020 ; Conference date: 26-08-2020 Through 28-08-2020",

year = "2020",

doi = "10.1007/978-3-030-65299-9_27",

language = "English",

isbn = "9783030652982",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "362--374",

editor = "Ilsun You",

booktitle = "Information Security Applications - 21st International Conference, WISA 2020, Revised Selected Papers",

}

Abusnaina, A, Abuhamad, M, Nyang, DH, Chen, S, Wang, A & Mohaisen, D 2020, Insights into attacks’ progression: Prediction of spatio-temporal behavior of DDoS attacks. in I You (ed.), Information Security Applications - 21st International Conference, WISA 2020, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12583 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 362-374, 21st International Conference on Information Security Applications, WISA 2020, Jeju Island, Korea, Republic of, 26/08/20. https://doi.org/10.1007/978-3-030-65299-9_27

Insights into attacks’ progression: Prediction of spatio-temporal behavior of DDoS attacks. / Abusnaina, Ahmed; Abuhamad, Mohammed; Nyang, Dae Hun et al.
Information Security Applications - 21st International Conference, WISA 2020, Revised Selected Papers. ed. / Ilsun You. Springer Science and Business Media Deutschland GmbH, 2020. p. 362-374 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12583 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Insights into attacks’ progression

T2 - 21st International Conference on Information Security Applications, WISA 2020

AU - Abusnaina, Ahmed

AU - Abuhamad, Mohammed

AU - Nyang, Dae Hun

AU - Chen, Songqing

AU - Wang, An

AU - Mohaisen, David

N1 - Funding Information: Acknowledgement. This work was supported by NRF grant 2016K1A1A2912757, NIST grant 70NANB18H272, and NSF grant CNS-1524462 (S. Chen), and by the Institute for Smart, Secure and Connected Systems at CWRU (A. Wang). Publisher Copyright: © Springer Nature Switzerland AG 2020.

PY - 2020

Y1 - 2020

N2 - DDoS attacks are an immense threat to online services, and numerous studies have been done to detect and defend against them. DDoS attacks, however, are becoming more sophisticated and launched with different purposes, making the detection and instant defense as important as analyzing the behavior of the attack during and after it takes place. Studying and modeling the Spatio-temporal evolvement of DDoS attacks is essential to predict, assess, and combat the problem, since recent studies have shown the emergence of wider and more powerful adversaries. This work aims to model seven Spatio-temporal behavioral characteristics of DDoS attacks, including the attack magnitude, the adversaries’ botnet information, and the attack’s source locality down to the organization. We leverage four state-of-the-art deep learning methods to construct an ensemble of models to capture and predict behavioral patterns of the attack. The proposed ensemble operates in two frequencies, hourly and daily, to actively model and predict the attack behavior and evolvement, and oversee the effect of implementing a defense mechanism.

AB - DDoS attacks are an immense threat to online services, and numerous studies have been done to detect and defend against them. DDoS attacks, however, are becoming more sophisticated and launched with different purposes, making the detection and instant defense as important as analyzing the behavior of the attack during and after it takes place. Studying and modeling the Spatio-temporal evolvement of DDoS attacks is essential to predict, assess, and combat the problem, since recent studies have shown the emergence of wider and more powerful adversaries. This work aims to model seven Spatio-temporal behavioral characteristics of DDoS attacks, including the attack magnitude, the adversaries’ botnet information, and the attack’s source locality down to the organization. We leverage four state-of-the-art deep learning methods to construct an ensemble of models to capture and predict behavioral patterns of the attack. The proposed ensemble operates in two frequencies, hourly and daily, to actively model and predict the attack behavior and evolvement, and oversee the effect of implementing a defense mechanism.

KW - DDoS Attacks Prediction

KW - Deep learning

UR - http://www.scopus.com/inward/record.url?scp=85098250553&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-65299-9_27

DO - 10.1007/978-3-030-65299-9_27

M3 - Conference contribution

AN - SCOPUS:85098250553

SN - 9783030652982

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 362

EP - 374

BT - Information Security Applications - 21st International Conference, WISA 2020, Revised Selected Papers

A2 - You, Ilsun

PB - Springer Science and Business Media Deutschland GmbH

Y2 - 26 August 2020 through 28 August 2020

ER -

Abusnaina A, Abuhamad M, Nyang DH, Chen S, Wang A, Mohaisen D. Insights into attacks’ progression: Prediction of spatio-temporal behavior of DDoS attacks. In You I, editor, Information Security Applications - 21st International Conference, WISA 2020, Revised Selected Papers. Springer Science and Business Media Deutschland GmbH. 2020. p. 362-374. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-65299-9_27

Insights into attacks’ progression: Prediction of spatio-temporal behavior of DDoS attacks

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Fingerprint

Cite this