Distributed Ensemble Method Using Deep Learning to Detect DDoS Attacks in IoT Networks

  • Research Article-Computer Engineering and Computer Science
Arabian Journal for Science and Engineering

Abstract

The widespread adoption of Internet of Things (IoT) devices has increased exponentially in recent years. Consequently, the security risks and vulnerabilities related to these unsecured IoT devices are also continuously increasing. Among the significant challenges facing the IoT environment is the threat of Distributed Denial of Service (DDoS) attacks. Several solutions are available in the literature to detect DDoS attacks. However, these detection mechanisms can easily be evaded by attackers using advanced tools and techniques, posing difficulty in detecting such lethal attacks in real time. Therefore, this paper proposes a novel distributed ensemble method for detecting lethal IoT traffic-based DDoS attacks. This method comprises two key stages: first, developing a distributed ensemble method using the breathtaking capabilities of the H2O.ai distributed machine learning platform and the ensemble learning technique. Secondly, this method was deployed on the Apache Storm stream processing framework, to swiftly analyze incoming network streams and categorize them into eleven distinct classes, including benign traffic and ten types of attacks, in near real time. The proposed method accurately identifies specific target categories within a multi-attack classification scenario by utilizing the expertise of various models. Ultimately, the prediction for a target class is determined based on the model with the highest detection rate. The effectiveness of this method has been examined using different configured scenarios. The experimental results show that our method can identify various attack categories more accurately with 99%+ accuracy and 8.45 s quicker than non-ensemble methods.
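The selection rule in the abstract (the final class comes from the model with the highest detection rate) can be sketched as follows. This is an added example, not the paper's code: it assumes "detection rate" means per-class recall measured on a validation set, and the model names, class labels and validation data are constructed for illustration.

```python
from collections import defaultdict

def detection_rates(y_true, y_pred):
    """Per-class detection rate (recall): correct detections / actual instances."""
    hits, totals = defaultdict(int), defaultdict(int)
    for truth, pred in zip(y_true, y_pred):
        totals[truth] += 1
        if truth == pred:
            hits[truth] += 1
    return {cls: hits[cls] / totals[cls] for cls in totals}

def ensemble_predict(votes, rates):
    """votes: {model: predicted class for one flow}; rates: {model: {class: rate}}.
    Returns (class, model) for the vote backed by the highest validation
    detection rate. Ties resolve to the alphabetically first model name."""
    best = max(sorted(votes), key=lambda m: rates[m].get(votes[m], 0.0))
    return votes[best], best

# Constructed validation set: three of the eleven classes, hypothetical labels.
VAL_TRUTH = ["benign"] * 4 + ["ddos_tcp"] * 4 + ["ddos_udp"] * 4
VAL_PRED = {
    # hypothetical model that is good on benign and UDP floods, weak on TCP floods
    "model_a": ["benign", "benign", "benign", "ddos_udp",
                "ddos_tcp", "ddos_tcp", "benign", "benign",
                "ddos_udp", "ddos_udp", "ddos_udp", "benign"],
    # hypothetical model that catches every TCP flood but is noisy elsewhere
    "model_b": ["benign", "benign", "ddos_tcp", "ddos_udp",
                "ddos_tcp", "ddos_tcp", "ddos_tcp", "ddos_tcp",
                "ddos_udp", "ddos_udp", "benign", "benign"],
}
RATES = {m: detection_rates(VAL_TRUTH, p) for m, p in VAL_PRED.items()}

def classify(votes):
    """Combine the per-model votes for one incoming flow."""
    return ensemble_predict(votes, RATES)

if __name__ == "__main__":
    for votes in ({"model_a": "benign", "model_b": "ddos_tcp"},
                  {"model_a": "ddos_udp", "model_b": "benign"}):
        print(votes, "->", classify(votes))
```

Recall alone does not penalise false positives: a model that labels every flow as one class scores 1.0 for that class, so a deployment of this rule should also track per-class precision before trusting the winning vote.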


Data Availability

“Dataset is available in a public (Cyber Range Lab of UNSW Canberra, UNSW Sydney, Bot-IoT dataset) repository that issues datasets with DOIs (https://research.unsw.edu.au/projects/bot-iot-dataset)”


Author information

Corresponding author

Correspondence to Praveen Shukla.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

About this article

Cite this article

Shukla, P., Krishna, C.R. & Patil, N.V. Distributed Ensemble Method Using Deep Learning to Detect DDoS Attacks in IoT Networks. Arab J Sci Eng (2024). https://doi.org/10.1007/s13369-024-09144-w

  • DOI: https://doi.org/10.1007/s13369-024-09144-w
