Applying Big Data Analytics in DDos Forensics: Challenges and Opportunities

Augusto Gonzaga Sarmento, Kheng Cher Yeo, Sami Azam, Asif Karim, Abdullah Al Mamun, Bharanidharan Shanmugam

    Research output: Chapter in Book/Report/Conference proceeding › Conference Paper published in Proceedings › peer-review

    5 Citations (Scopus)

    Abstract

    DDoS (Distributed Denial-of-Service) attacks greatly affect internet users, but mostly they are a catastrophe for the organization in terms of business productivity and financial cost. During a DDoS attack, the network log file rapidly increases, and using a traditional forensics framework makes it almost impossible for a DDoS forensics investigation to succeed. This paper mainly focuses on finding the most suitable techniques, tools, and frameworks in big data analytics that help forensics investigations successfully identify DDoS attacks. This paper reviewed a number of previous research works related to the topic to find and understand the general terms, challenges and opportunities of using big data in forensics investigation. The data mining tool used in this paper for simulation was RapidMiner, because of its ability to prepare the data before the analysis and optimize it for quicker subsequent processing, and the dataset used was taken from the University of New Brunswick’s website. The algorithms used to evaluate the DDoS attack training dataset are Naïve Bayes, Decision Tree, Gradient Boost and Random Forest. The evaluation results projected that the majority of the algorithms have above 90% accuracy, precision and recall respectively. Using the data mining tools and recommended algorithms will help reduce the processing time associated with data analysis, reduce cost and improve the quality of information. Future research is recommended to install different DDoS detection models in an actual network environment and compare their efficiency and accuracy in real attacks.

    Original language: English
    Title of host publication: Cybersecurity, Privacy and Freedom Protection in the Connected World
    Subtitle of host publication: Proceedings of the 13th International Conference on Global Security, Safety and Sustainability, London, January 2021
    Editors: Hamid Jahankhani, Arshad Jamal, Shaun Lawson
    Place of Publication: Cham, Switzerland
    Publisher: Springer Nature
    Pages: 235-252
    Number of pages: 18
    Edition: 1
    ISBN (Electronic): 978-3-030-68534-8
    ISBN (Print): 978-3-030-68533-1, 978-3-030-68536-2
    Publication status: Published - 2021
    Event: 13th International Conference on Global Security, Safety and Sustainability - Online, London, United Kingdom
    Duration: 14 Jan 2021 to 15 Jan 2021
    Conference number: 13

    Publication series

    Name: Advanced Sciences and Technologies for Security Applications
    ISSN (Print): 1613-5113
    ISSN (Electronic): 2363-9466

    Conference

    Conference: 13th International Conference on Global Security, Safety and Sustainability
    Abbreviated title: ICGS3-21
    Country/Territory: United Kingdom
    City: Online, London
    Period: 14/01/21 to 15/01/21

    Bibliographical note

    Publisher Copyright:
    © 2021, The Author(s), under exclusive license to Springer Nature Switzerland AG.

    Copyright:
    Copyright 2021 Elsevier B.V., All rights reserved.
