Distributed Denial Of Service (DDOS) Attack Detection On Zigbee Protocol Using Naive Bayes Algoritm

Ibnu Masud, Kusrini Kusrini, Agung Budi Prasetio
International Journal of Artificial Intelligence Research, published 2021-06-30. DOI: 10.29099/ijair.v5i2.214 (https://doi.org/10.29099/ijair.v5i2.214)

Abstract

Distributed Denial of Service, better known as DDoS, is an attempted attack from several computer systems that target a server, driving the amount of traffic so high that the server cannot handle requests. DDoS is usually carried out using several computer systems as sources of the attack: they attack one server through several computers so that the amount of traffic can be higher. A DDoS attack is like a traffic jam that prevents a driver from reaching their desired destination on time. According to data, 33% of businesses in the world have fallen victim to DDoS attacks. DDoS is hard to trace. Some types of DDoS attacks can be very powerful and even reach speeds of 1.35 Tbps. Additionally, DDoS attacks can cause losses of $40,000 per hour if they occur.

ZigBee is a standard derived from IEEE 802.15.4 for data communication on personal consumer devices as well as at business scale. ZigBee is designed for low power consumption and works for low-level personal networks. ZigBee devices are commonly used to control another device or as a wireless sensor. ZigBee has a feature that allows it to manage its own network, or manage data exchange on the network [1]. Another advantage of ZigBee is that it requires little power, so it can be used as a wireless control device that only needs to be installed once, because a single battery can make ZigBee last up to a year. In addition, ZigBee has a "mesh" network topology, so it can form a wider network with more reliable data.

Previous research by Muhammad Aziz, Rusydi Umar, and Faizin Ridho (2019) concluded from its analysis that attack information detected by a signature-based IDS needs to be reviewed for accuracy using classification with statistical calculations. Based on the analysis and testing carried out with the artificial neural network method, the accuracy was found to be 95.2381%. The neural network method can be applied in the field of network forensics to determine accurate results and help strengthen evidence at trial. The Naïve Bayes model performed relatively poorly overall and produced the lowest accuracy score of this study (45%) when trained with the CICDDoS2019 dataset [47]. For the same model, precision was 66% and recall was 54%, meaning that almost half the time the model fails to identify threats.