Applying Big Data Analytics in DDos Forensics: Challenges and Opportunities

Augusto Gonzaga Sarmento; Kheng Cher Yeo; Sami Azam; Asif Karim; Abdullah Al Mamun; Bharanidharan Shanmugam

doi:10.1007/978-3-030-68534-8_15

Applying Big Data Analytics in DDos Forensics: Challenges and Opportunities

Augusto Gonzaga Sarmento, Kheng Cher Yeo, Sami Azam, Asif Karim, Abdullah Al Mamun, Bharanidharan Shanmugam

CDU College of Engineering, IT and Environment

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper published in Proceedings › peer-review

Abstract

DDoS (Distributed Denial-of-Service) attacks greatly affect the internet users, but mostly it’s a catastrophe for the organization in terms of business productivity and financial cost. During the DDoS attack, the network log file rapidly increases and using forensics traditional framework make it almost impossible for DDoS forensics investigation to succeed. This paper mainly focuses on finding the most suitable techniques, tools, and frameworks in big data analytics that help forensics investigation to successfully identify DDoS attacks. This paper reviewed numbers of previous research that related to the topic to find and understand general terms, challenges and opportunities of using big data in forensics investigation. The data mining tools used in this paper for simulation was RapidMiner because of its ability to prepare the data before the analysis and optimizes it for quicker subsequent processing, and the dataset used was taken from University of New Brunswick’s website. Algorithms that were used to evaluate the DDoS attack training dataset are Naïve Bayes, Decision Tree, Gradient Boost and Random Forest. The evaluation results projected that the majority of algorithms has above 90% of accuracy, precision and recall respectively. Using the data mining tools and recommended algorithms will help reduce processing time associated with data analysis, reduce cost and improve the quality of information. Future research is recommended to install in an actual network environment for different DDoS detection models and compare the efficiency and accuracy in real attacks.

Original language	English
Title of host publication	Cybersecurity, Privacy and Freedom Protection in the Connected World
Subtitle of host publication	Proceedings of the 13th International Conference on Global Security, Safety and Sustainability, London, January 2021
Editors	Hamid Jahankhani, Arshad Jamal, Shaun Lawson
Place of Publication	Cham, Switzerland
Publisher	Springer Nature
Pages	235-252
Number of pages	18
Edition	1
ISBN (Electronic)	978-3-030-68534-8
ISBN (Print)	978-3-030-68533-1, 978-3-030-68536-2
DOIs	https://doi.org/10.1007/978-3-030-68534-8_15
Publication status	Published - 2021
Event	13th International Conference on Global Security, Safety and Sustainability - Online, London, United Kingdom Duration: 14 Jan 2021 → 15 Jan 2021 Conference number: 13

Publication series

Name	Advanced Sciences and Technologies for Security Applications
ISSN (Print)	1613-5113
ISSN (Electronic)	2363-9466

Conference

Conference	13th International Conference on Global Security, Safety and Sustainability
Abbreviated title	ICGS3-21
Country/Territory	United Kingdom
City	Online, London
Period	14/01/21 → 15/01/21

Access to Document

10.1007/978-3-030-68534-8_15

Cite this

Sarmento, A. G., Yeo, K. C., Azam, S., Karim, A., Al Mamun, A., & Shanmugam, B. (2021). Applying Big Data Analytics in DDos Forensics: Challenges and Opportunities. In H. Jahankhani, A. Jamal, & S. Lawson (Eds.), Cybersecurity, Privacy and Freedom Protection in the Connected World: Proceedings of the 13th International Conference on Global Security, Safety and Sustainability, London, January 2021 (1 ed., pp. 235-252). (Advanced Sciences and Technologies for Security Applications). Springer Nature. https://doi.org/10.1007/978-3-030-68534-8_15

Sarmento, Augusto Gonzaga ; Yeo, Kheng Cher ; Azam, Sami et al. / Applying Big Data Analytics in DDos Forensics : Challenges and Opportunities. Cybersecurity, Privacy and Freedom Protection in the Connected World: Proceedings of the 13th International Conference on Global Security, Safety and Sustainability, London, January 2021. editor / Hamid Jahankhani ; Arshad Jamal ; Shaun Lawson. 1. ed. Cham, Switzerland : Springer Nature, 2021. pp. 235-252 (Advanced Sciences and Technologies for Security Applications).

@inproceedings{cbd5e0a42eca40f18f624de37c63fb66,

title = "Applying Big Data Analytics in DDos Forensics: Challenges and Opportunities",

abstract = "DDoS (Distributed Denial-of-Service) attacks greatly affect the internet users, but mostly it{\textquoteright}s a catastrophe for the organization in terms of business productivity and financial cost. During the DDoS attack, the network log file rapidly increases and using forensics traditional framework make it almost impossible for DDoS forensics investigation to succeed. This paper mainly focuses on finding the most suitable techniques, tools, and frameworks in big data analytics that help forensics investigation to successfully identify DDoS attacks. This paper reviewed numbers of previous research that related to the topic to find and understand general terms, challenges and opportunities of using big data in forensics investigation. The data mining tools used in this paper for simulation was RapidMiner because of its ability to prepare the data before the analysis and optimizes it for quicker subsequent processing, and the dataset used was taken from University of New Brunswick{\textquoteright}s website. Algorithms that were used to evaluate the DDoS attack training dataset are Na{\"i}ve Bayes, Decision Tree, Gradient Boost and Random Forest. The evaluation results projected that the majority of algorithms has above 90% of accuracy, precision and recall respectively. Using the data mining tools and recommended algorithms will help reduce processing time associated with data analysis, reduce cost and improve the quality of information. Future research is recommended to install in an actual network environment for different DDoS detection models and compare the efficiency and accuracy in real attacks.",

keywords = "Bid data forensics, Big data analytics, DDoS attacks, DDoS forensics, Forensic investigation",

author = "Sarmento, {Augusto Gonzaga} and Yeo, {Kheng Cher} and Sami Azam and Asif Karim and {Al Mamun}, Abdullah and Bharanidharan Shanmugam",

note = "Publisher Copyright: {\textcopyright} 2021, The Author(s), under exclusive license to Springer Nature Switzerland AG. Copyright: Copyright 2021 Elsevier B.V., All rights reserved.; 13th International<br/>Conference on Global Security, Safety<br/>and Sustainability, ICGS3-21 ; Conference date: 14-01-2021 Through 15-01-2021",

year = "2021",

doi = "10.1007/978-3-030-68534-8_15",

language = "English",

isbn = "978-3-030-68533-1",

series = "Advanced Sciences and Technologies for Security Applications",

publisher = "Springer Nature",

pages = "235--252",

editor = "Hamid Jahankhani and Arshad Jamal and Shaun Lawson",

booktitle = "Cybersecurity, Privacy and Freedom Protection in the Connected World",

address = "United States",

edition = "1",

}

Sarmento, AG, Yeo, KC , Azam, S , Karim, A, Al Mamun, A & Shanmugam, B 2021, Applying Big Data Analytics in DDos Forensics: Challenges and Opportunities. in H Jahankhani, A Jamal & S Lawson (eds), Cybersecurity, Privacy and Freedom Protection in the Connected World: Proceedings of the 13th International Conference on Global Security, Safety and Sustainability, London, January 2021. 1 edn, Advanced Sciences and Technologies for Security Applications, Springer Nature, Cham, Switzerland, pp. 235-252, 13th International
Conference on Global Security, Safety
and Sustainability, Online, London, United Kingdom, 14/01/21. https://doi.org/10.1007/978-3-030-68534-8_15

Applying Big Data Analytics in DDos Forensics : Challenges and Opportunities. / Sarmento, Augusto Gonzaga; Yeo, Kheng Cher ; Azam, Sami et al.

Cybersecurity, Privacy and Freedom Protection in the Connected World: Proceedings of the 13th International Conference on Global Security, Safety and Sustainability, London, January 2021. ed. / Hamid Jahankhani; Arshad Jamal; Shaun Lawson. 1. ed. Cham, Switzerland : Springer Nature, 2021. p. 235-252 (Advanced Sciences and Technologies for Security Applications).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper published in Proceedings › peer-review

TY - GEN

T1 - Applying Big Data Analytics in DDos Forensics

T2 - 13th International<br/>Conference on Global Security, Safety<br/>and Sustainability

AU - Sarmento, Augusto Gonzaga

AU - Yeo, Kheng Cher

AU - Azam, Sami

AU - Karim, Asif

AU - Al Mamun, Abdullah

AU - Shanmugam, Bharanidharan

N1 - Conference code: 13

PY - 2021

Y1 - 2021

N2 - DDoS (Distributed Denial-of-Service) attacks greatly affect the internet users, but mostly it’s a catastrophe for the organization in terms of business productivity and financial cost. During the DDoS attack, the network log file rapidly increases and using forensics traditional framework make it almost impossible for DDoS forensics investigation to succeed. This paper mainly focuses on finding the most suitable techniques, tools, and frameworks in big data analytics that help forensics investigation to successfully identify DDoS attacks. This paper reviewed numbers of previous research that related to the topic to find and understand general terms, challenges and opportunities of using big data in forensics investigation. The data mining tools used in this paper for simulation was RapidMiner because of its ability to prepare the data before the analysis and optimizes it for quicker subsequent processing, and the dataset used was taken from University of New Brunswick’s website. Algorithms that were used to evaluate the DDoS attack training dataset are Naïve Bayes, Decision Tree, Gradient Boost and Random Forest. The evaluation results projected that the majority of algorithms has above 90% of accuracy, precision and recall respectively. Using the data mining tools and recommended algorithms will help reduce processing time associated with data analysis, reduce cost and improve the quality of information. Future research is recommended to install in an actual network environment for different DDoS detection models and compare the efficiency and accuracy in real attacks.

AB - DDoS (Distributed Denial-of-Service) attacks greatly affect the internet users, but mostly it’s a catastrophe for the organization in terms of business productivity and financial cost. During the DDoS attack, the network log file rapidly increases and using forensics traditional framework make it almost impossible for DDoS forensics investigation to succeed. This paper mainly focuses on finding the most suitable techniques, tools, and frameworks in big data analytics that help forensics investigation to successfully identify DDoS attacks. This paper reviewed numbers of previous research that related to the topic to find and understand general terms, challenges and opportunities of using big data in forensics investigation. The data mining tools used in this paper for simulation was RapidMiner because of its ability to prepare the data before the analysis and optimizes it for quicker subsequent processing, and the dataset used was taken from University of New Brunswick’s website. Algorithms that were used to evaluate the DDoS attack training dataset are Naïve Bayes, Decision Tree, Gradient Boost and Random Forest. The evaluation results projected that the majority of algorithms has above 90% of accuracy, precision and recall respectively. Using the data mining tools and recommended algorithms will help reduce processing time associated with data analysis, reduce cost and improve the quality of information. Future research is recommended to install in an actual network environment for different DDoS detection models and compare the efficiency and accuracy in real attacks.

KW - Bid data forensics

KW - Big data analytics

KW - DDoS attacks

KW - DDoS forensics

KW - Forensic investigation

UR - http://www.scopus.com/inward/record.url?scp=85106435703&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-68534-8_15

DO - 10.1007/978-3-030-68534-8_15

M3 - Conference Paper published in Proceedings

AN - SCOPUS:85106435703

SN - 978-3-030-68533-1

SN - 978-3-030-68536-2

T3 - Advanced Sciences and Technologies for Security Applications

SP - 235

EP - 252

BT - Cybersecurity, Privacy and Freedom Protection in the Connected World

A2 - Jahankhani, Hamid

A2 - Jamal, Arshad

A2 - Lawson, Shaun

PB - Springer Nature

CY - Cham, Switzerland

Y2 - 14 January 2021 through 15 January 2021

ER -

Sarmento AG, Yeo KC , Azam S , Karim A, Al Mamun A, Shanmugam B. Applying Big Data Analytics in DDos Forensics: Challenges and Opportunities. In Jahankhani H, Jamal A, Lawson S, editors, Cybersecurity, Privacy and Freedom Protection in the Connected World: Proceedings of the 13th International Conference on Global Security, Safety and Sustainability, London, January 2021. 1 ed. Cham, Switzerland: Springer Nature. 2021. p. 235-252. (Advanced Sciences and Technologies for Security Applications). doi: 10.1007/978-3-030-68534-8_15

Applying Big Data Analytics in DDos Forensics: Challenges and Opportunities

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this