An Intelligent and Time-Efficient DDoS Identification Framework for Real-Time Enterprise Networks SAD-F: Spark Based Anomaly Detection Framework

Ahmed, Awais, Hameed, Sufian, Muhammad, Rafi and Ali Mirza, Qublai Khan ORCID: 0000-0003-3403-2935 (2020) An Intelligent and Time-Efficient DDoS Identification Framework for Real-Time Enterprise Networks SAD-F: Spark Based Anomaly Detection Framework. IEEE Access, 8. pp. 219483-219502. doi:10.1109/access.2020.3042905

Text (Peer Reviewed Version)
9116 Ahmed, Hameed, Rafi and Ali Mirza (2020) An-Intelligent-and-Time-Efficient-DDoS-Identification-Framework-for-Real-Time-Enterprise-Networks.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial No Derivatives 4.0.


Abstract

Enterprise networks face a large number of threats that are managed and mitigated with a combination of proprietary and third-party security tools and services. However, the techniques and principles employed by these tools, processes, and services are quite conventional. They lack the rapid evolution required to protect against modern, state-of-the-art threats, specifically distributed denial of service (DDoS) attacks. The loss of efficiency of a network is directly proportional to the number of applications and services it hosts, many of them deployed mainly to protect against external and internal threats. Moreover, the effectiveness of such security mechanisms relies on their independent and proactive approach, which is useful against known malware and its attack vectors but becomes obsolete when new malware appears or a zero-day vulnerability is exploited. This paper presents an intelligent, highly responsive, and scalable security framework for enterprise networks. The proposed framework incorporates the Apache Spark framework for security analytics. It accurately identifies anomalies related to DDoS attacks in real-time network traffic by using customized machine learning algorithms, meticulously trained on a selected feature set. Encouraging results are obtained when the framework is tested against different scenarios and benchmarked against the results achieved by related studies in similar scenarios.

Item Type: Article
Article Type: Article
Uncontrolled Keywords: Anomaly Detection; Apache Spark; Big Data Analytics; DDoS; Machine Learning; Malware; Network Security; Security Analytics
Subjects: H Social Sciences > HF Commerce > HF5001 Business
Q Science > QA Mathematics > QA76 Computer software
Divisions: Schools and Research Institutes > School of Computing and Engineering
Research Priority Areas: Applied Business & Technology
Depositing User: Kate Greenaway
Date Deposited: 14 Dec 2020 12:13
Last Modified: 07 Jan 2021 09:00
URI: http://eprints.glos.ac.uk/id/eprint/9116
