Computer Science

Computer Science ›› 2020, Vol. 47 ›› Issue (2): 287-293.doi: 10.11896/jsjkx.190100047

• Information Security • Previous Articles     Next Articles

DoS Anomaly Detection Based on Isolation Forest Algorithm Under Edge Computing Framework

CHEN Jia,OUYANG Jin-yuan,FENG An-qi,WU Yuan,QIAN Li-ping   

  1. (College of Information Engineering,Zhejiang University of Technology,Hangzhou 310023,China)
  • Received:2019-01-07 Online:2020-02-15 Published:2020-03-18
  • About author:CHEN Jia,born in 1995,postgraduate.His main research interests include internet of things and network resource scheduling;QIAN Li-ping,born in 1981,Ph.D,professor,Ph.D supervisor,is member of China Computer Federation.Her main research interests include wireless communication,deep space communication,cognitive radio network and smart grid.
  • Supported by:
    This work was supported by the National Natural Science Foundation of China (61572440) and Natural Science Foundation of Zhejiang Province, China (LR16F010003, LR17F010002).

PDF (PC)

1200

Abstract: With the rapid development of network technology,network attacks have brought huge negative impacts,so network security issues need to be resolved urgently.Aiming at denial of service (DoS) attacks in networks,an anomaly detection method for isolated forest based on edge computing framework was proposed.According to the characteristics of each edge node,the method realizes the reasonable distribution of the model training tasks and effectively improves the utilization efficiency of edge nodes.Meanwhile,the characteristics of edge computing are utilized to realize the offloading of model training tasks from cloud center,so as to better reduce the time consumption of the system and reduce the burdenof the cloud center.In order to verify the effectiveness of the proposed method,the 10%-KDDCUP99 network dataset is preprocessed and partial data used for experiments.Experimental results show that compared with the Support Vector Machine (SVM) and Multi-Layer Perceptron (MLP) methods,time consumption of proposed method is reduced by 90% and 60% respectively,and area under curve (AUC) can reach more than 0.9,which indicates that the method can effectively reduce the system time consumption and ensure a high detection performance.

Key words: Anomaly detection, Data preprocessing, DoS attack, Edge computing, Isolation forest

CLC Number: 

  • TP309.2
[1]PEDRO G T,JESUS D V,M GABRIEL M F,et al.Anomaly-based network intrusion detection:Techniques,systems and challenges [J].Computers & Security,2009,28(1/2):18-28.
[2]TAN A P,CHEN H,WU B Q.Network Intrusion Intelligent Detection Algorithm Based on AdaBoost[J].Computer Scien-ce,2014,41(2):197-200.
[3]CHEN J Y,XU X Y,SU M M.Research on Network Attack Detection Based on Self-adaptive Immune Computing [J].Computer Science,2018,45(S1):364-370.
[4]WANG C,VISWANATHAN K,LAKSHMINARAYAN C, et al.Statistical techniques for online anomaly detection in data centers[C]∥Proceedings of the 12 IFIP/IEEE International Symposium on Integrated Network Management.IEEE,2011:385-392.
[5]DING Z G,DU D J,FEI M R.An isolation principle based distributed anomaly detection method in wireless sensor networks [J].International Journal of Automation and Computing,2015,12(4):402-412.
[6]KILLOURHY K S,MAXION R A.Comparing anomaly-detec-tion algorithms for keystroke dynamics[C]∥2009 IEEE/IFIP International Conference on Dependable Systems & Networks (DSN).IEEE Computer Society,2009:125-134.
[7]YU X S,HAN D Z,DU Z X.DDoS Attack Detection System Based on Intelligent Bee Colony Algorithm[J].Computer Scien-ce,2018,45(12):123-129.
[8]FEDERICO S W,JUAN I A P,PABLO C D L H,et al.Anomaly Detection in Network Traffic Based on Statistical Inference and alpha-Stable Modeling [J].IEEE Transactions on Dependable &Secure Computing,2011,8(4):494-509.
[9]MENG W Z,LI W J,KWOK L F.Design of intelligent KNN-based alarm filter using knowledge-based alert verification in intrusion detection [M].Security and Communication Networks,2015,8(18):3883-3895.
[10]ZHANG J,ZULKERNINE M,HAQUE A.Random-Forests-Based Network Intrusion Detection Systems [J].IEEE Transactions on Systems,Man,and Cybernetics,Part C:Applications and Reviews,2008,38(5):649-659.
[11]XU D,WANG Y J,MENG Y L,et al.Improved Data Anomaly Detection Method Based on Isolation Forest[J].Computer Scien-ce,2018,45(10):155-159.
[12]ZHANG Q,HU Y P,JI C,et al.Edge Computing Application:Real-Time Anomaly Detection Algorithm for Sensing Data [J].Journal of Computer Research and Development,2018,55(3):524-536.
[13]LI H,WANG L.Online orchestration of cooperative defense against DDoS attacks for 5G MEC[C]∥Wireless Communications and Networking Conference.IEEE,2018:1-6.
[14]LIU F T,TING K M,ZHOU Z H.Isolation Forest[C]∥Proceeding of the 2008 Eighth Eighth IEEE International Conference on Data Mining.IEEE Computer Society,2008:413-422.
[15]HE Y,ZHU X,WANG G,et al.Predicting Bugs in Software Code Changes Using Isolation Forest[C]∥IEEE International Conference on Software Quality.IEEE,2017:296-305.
[16]CALHEIROS R,RAMAMOHANARAO K,BUYYA R,et al.On the effectiveness of isolation-based anomaly detection in cloud data centers [J].Concurrency and Computation:Practice and Experience,2017:e4169.
[17]DING Z,DU D,FEI M.An isolation principle based distributed anomaly detection method in wireless sensor networks [J].International Journal of Automation and Computing,2015,12(4):402-412.
[18]HE H B,GARCIA E A.Learning from Imbalanced Data [J].IEEE Transactions on Knowledge & Data Engineering,2009,21(9):1263-1284.
[19]SHI W S,SUN H,CAO J,et al.Edge Computing—An Emerging Computing Model for the Internet of Everything Era [J].Journal of Computer Research & Development,2017,54(5):907-924.
[20]BRUNO R P.Data Structures and Algorithms with ObjectOriented Design Patterns in Java[M].Wiley,1999.
[21]INGBER L.Simulated annealing:Practice versus theory[J]. Mathematical & Computer Modeling:An International Journal,1993,18(11):29-57.
[22]WU J S,ZHANG W P,MA Y.Data analysis and study on KDDCUP99 data set [J].Computer Applications and Software,2014(11):321-325.
[23]ADETUNMBI A,ADEOLA S,DARAMOLA O.Analysis of KDD’99 Intrusion Detection Dataset for Selection of Relevance Features [J].Lecture Notes in Engineering & Computer Scien-ce,2010,2186(1):1371-1379.
[24]TREBAR M,STEELE N.Application of distributed SVM architectures in classifying forest data cover types [J].Computers and Electronics in Agriculture,2008,63(2):119-130.
[1] SUN Hui-ting, FAN Yan-fang, MA Meng-xiao, CHEN Ruo-yu, CAI Ying. Dynamic Pricing-based Vehicle Collaborative Computation Offloading Scheme in VEC [J]. Computer Science, 2022, 49(9): 242-248.
[2] XU Tian-hui, GUO Qiang, ZHANG Cai-ming. Time Series Data Anomaly Detection Based on Total Variation Ratio Separation Distance [J]. Computer Science, 2022, 49(9): 101-110.
[3] WANG Xin-tong, WANG Xuan, SUN Zhi-xin. Network Traffic Anomaly Detection Method Based on Multi-scale Memory Residual Network [J]. Computer Science, 2022, 49(8): 314-322.
[4] DU Hang-yuan, LI Duo, WANG Wen-jian. Method for Abnormal Users Detection Oriented to E-commerce Network [J]. Computer Science, 2022, 49(7): 170-178.
[5] YU Bin, LI Xue-hua, PAN Chun-yu, LI Na. Edge-Cloud Collaborative Resource Allocation Algorithm Based on Deep Reinforcement Learning [J]. Computer Science, 2022, 49(7): 248-253.
[6] LI Meng-fei, MAO Ying-chi, TU Zi-jian, WANG Xuan, XU Shu-fang. Server-reliability Task Offloading Strategy Based on Deep Deterministic Policy Gradient [J]. Computer Science, 2022, 49(7): 271-279.
[7] FANG Tao, YANG Yang, CHEN Jia-xin. Optimization of Offloading Decisions in D2D-assisted MEC Networks [J]. Computer Science, 2022, 49(6A): 601-605.
[8] LIU Zhang-hui, ZHENG Hong-qiang, ZHANG Jian-shan, CHEN Zhe-yi. Computation Offloading and Deployment Optimization in Multi-UAV-Enabled Mobile Edge Computing Systems [J]. Computer Science, 2022, 49(6A): 619-627.
[9] YUAN Hao-nan, WANG Rui-jin, ZHENG Bo-wen, WU Bang-yan. Design and Implementation of Cross-chain Trusted EMR Sharing System Based on Fabric [J]. Computer Science, 2022, 49(6A): 490-495.
[10] XIE Wan-cheng, LI Bin, DAI Yue-yue. PPO Based Task Offloading Scheme in Aerial Reconfigurable Intelligent Surface-assisted Edge Computing [J]. Computer Science, 2022, 49(6): 3-11.
[11] SHEN Shao-peng, MA Hong-jiang, ZHANG Zhi-heng, ZHOU Xiang-bing, ZHU Chun-man, WEN Zuo-cheng. Three-way Drift Detection for State Transition Pattern on Multivariate Time Series [J]. Computer Science, 2022, 49(4): 144-151.
[12] WU Yu-kun, LI Wei, NI Min-ya, XU Zhi-cheng. Anomaly Detection Model Based on One-class Support Vector Machine Fused Deep Auto-encoder [J]. Computer Science, 2022, 49(3): 144-151.
[13] ZHANG Hai-bo, ZHANG Yi-feng, LIU Kai-jian. Task Offloading,Migration and Caching Strategy in Internet of Vehicles Based on NOMA-MEC [J]. Computer Science, 2022, 49(2): 304-311.
[14] LIN Chao-wei, LIN Bing, CHEN Xing. Study on Scientific Workflow Scheduling Based on Fuzzy Theory Under Edge Environment [J]. Computer Science, 2022, 49(2): 312-320.
[15] LENG Jia-xu, TAN Ming-pi, HU Bo, GAO Xin-bo. Video Anomaly Detection Based on Implicit View Transformation [J]. Computer Science, 2022, 49(2): 142-148.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.