VAIDANSHH: Adaptive DDoS detection for heterogeneous hosts in vehicular environments

IF 5.8 2区计算机科学 Q1 TELECOMMUNICATIONS

Vehicular Communications Pub Date : 2024-05-10 DOI:10.1016/j.vehcom.2024.100787

Amandeep Verma , Rahul Saha , Gulshan Kumar , Mauro Conti , Joel J.P.C. Rodrigues

{"title":"VAIDANSHH: Adaptive DDoS detection for heterogeneous hosts in vehicular environments","authors":"Amandeep Verma , Rahul Saha , Gulshan Kumar , Mauro Conti , Joel J.P.C. Rodrigues","doi":"10.1016/j.vehcom.2024.100787","DOIUrl":null,"url":null,"abstract":"<div><p>Vehicular networks are vulnerable to Distributed Denial of Service (DDoS), an extension of a Denial of Service (DoS) attack. The existing solutions for DDoS detection in vehicular networks use various Machine Learning (ML) algorithms. However, these algorithms are applicable only in a single layer in a vehicular network environment and are incapable of detecting DDoS dynamics for different layers of the network infrastructure. The recently reported attacks on transport networks reveal the fact that a research gap exists between the existing solutions and the multi-layer DDoS detection strategy requirements. Additionally, the majority of the current detection methods fail in the consideration of traffic heterogeneity and are not rate-adaptive, where both the mentioned parameters are important for an effective detection system.</p><p>In this paper, we introduce a comprehensive ML-based Network Intrusion Detection System (NIDS) against DDoS attacks in vehicular networks. Our proposed NIDS combines a three-tier security model, traffic adaptivity, and heterogeneity traffic provisions. We call our model <em>Vehicular Adaptive Intrusion Detection And Novel System for Heterogeneous Hosts (VAIDANSHH)</em>. As mentioned earlier, VAIDANSHH has a three-tier security system: at RSU's hardware, communication channel, and RSU application level. VAIDANSHH combines the Adaptive Alarming Module (AAM) and the Detection Module (DM) for data generation, collection of generated data, flow monitoring, pre-processing, and classification. We use the NS3 simulation tool for our experiments to generate synthetic data and apply ML with WEKA. We run a thorough set of experiments, which show that VAIDANSHH detects UDP flooding, a form of DDoS attack, with 99.9% accuracy within a very short time. We compare VAIDANSHH with other state-of-the-art models; the comparative analysis shows that VAIDANSHH is superior in terms of accuracy and its multi-tier workflow.</p></div>","PeriodicalId":54346,"journal":{"name":"Vehicular Communications","volume":null,"pages":null},"PeriodicalIF":5.8000,"publicationDate":"2024-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Vehicular Communications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214209624000627","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"TELECOMMUNICATIONS","Score":null,"Total":0}

引用次数: 0

Abstract

Vehicular networks are vulnerable to Distributed Denial of Service (DDoS), an extension of a Denial of Service (DoS) attack. The existing solutions for DDoS detection in vehicular networks use various Machine Learning (ML) algorithms. However, these algorithms are applicable only in a single layer in a vehicular network environment and are incapable of detecting DDoS dynamics for different layers of the network infrastructure. The recently reported attacks on transport networks reveal the fact that a research gap exists between the existing solutions and the multi-layer DDoS detection strategy requirements. Additionally, the majority of the current detection methods fail in the consideration of traffic heterogeneity and are not rate-adaptive, where both the mentioned parameters are important for an effective detection system.

In this paper, we introduce a comprehensive ML-based Network Intrusion Detection System (NIDS) against DDoS attacks in vehicular networks. Our proposed NIDS combines a three-tier security model, traffic adaptivity, and heterogeneity traffic provisions. We call our model Vehicular Adaptive Intrusion Detection And Novel System for Heterogeneous Hosts (VAIDANSHH). As mentioned earlier, VAIDANSHH has a three-tier security system: at RSU's hardware, communication channel, and RSU application level. VAIDANSHH combines the Adaptive Alarming Module (AAM) and the Detection Module (DM) for data generation, collection of generated data, flow monitoring, pre-processing, and classification. We use the NS3 simulation tool for our experiments to generate synthetic data and apply ML with WEKA. We run a thorough set of experiments, which show that VAIDANSHH detects UDP flooding, a form of DDoS attack, with 99.9% accuracy within a very short time. We compare VAIDANSHH with other state-of-the-art models; the comparative analysis shows that VAIDANSHH is superior in terms of accuracy and its multi-tier workflow.

查看原文本刊更多论文

VAIDANSHH：车载环境中异构主机的自适应 DDoS 检测

车载网络很容易受到分布式拒绝服务（DDoS）攻击，这是拒绝服务（DoS）攻击的延伸。现有的车载网络 DDoS 检测解决方案使用各种机器学习 (ML) 算法。然而，这些算法仅适用于车载网络环境中的单层，无法检测网络基础设施不同层的 DDoS 动态。最近报道的对传输网络的攻击表明，现有解决方案与多层 DDoS 检测策略要求之间存在研究差距。此外，目前的大多数检测方法都没有考虑流量异构性，也不具备速率自适应能力，而上述两个参数对于有效的检测系统都非常重要。我们提出的 NIDS 结合了三层安全模型、流量适应性和异构流量规定。我们将这一模型称为 "面向异构主机的车载自适应入侵检测和新型系统（VAIDANSHH）"。如前所述，VAIDANSHH 具有三层安全系统：RSU 硬件层、通信信道层和 RSU 应用层。VAIDANSHH 结合了自适应报警模块（AAM）和检测模块（DM），用于数据生成、生成数据的收集、流量监控、预处理和分类。我们在实验中使用 NS3 仿真工具生成合成数据，并使用 WEKA 应用 ML。我们进行了一系列全面的实验，结果表明 VAIDANSHH 能在很短的时间内以 99.9% 的准确率检测到 UDP 泛洪（一种 DDoS 攻击形式）。我们将 VAIDANSHH 与其他最先进的模型进行了比较；比较分析表明，VAIDANSHH 在准确性和多层工作流程方面更胜一筹。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Vehicular Communications Engineering-Electrical and Electronic Engineering

CiteScore

12.70

自引率

10.40%

发文量

审稿时长

62 days

期刊介绍： Vehicular communications is a growing area of communications between vehicles and including roadside communication infrastructure. Advances in wireless communications are making possible sharing of information through real time communications between vehicles and infrastructure. This has led to applications to increase safety of vehicles and communication between passengers and the Internet. Standardization efforts on vehicular communication are also underway to make vehicular transportation safer, greener and easier. The aim of the journal is to publish high quality peer–reviewed papers in the area of vehicular communications. The scope encompasses all types of communications involving vehicles, including vehicle–to–vehicle and vehicle–to–infrastructure. The scope includes (but not limited to) the following topics related to vehicular communications: Vehicle to vehicle and vehicle to infrastructure communications Channel modelling, modulating and coding Congestion Control and scalability issues Protocol design, testing and verification Routing in vehicular networks Security issues and countermeasures Deployment and field testing Reducing energy consumption and enhancing safety of vehicles Wireless in–car networks Data collection and dissemination methods Mobility and handover issues Safety and driver assistance applications UAV Underwater communications Autonomous cooperative driving Social networks Internet of vehicles Standardization of protocols.