Amandeep Verma , Rahul Saha , Gulshan Kumar , Mauro Conti , Joel J.P.C. Rodrigues
{"title":"VAIDANSHH:车载环境中异构主机的自适应 DDoS 检测","authors":"Amandeep Verma , Rahul Saha , Gulshan Kumar , Mauro Conti , Joel J.P.C. Rodrigues","doi":"10.1016/j.vehcom.2024.100787","DOIUrl":null,"url":null,"abstract":"<div><p>Vehicular networks are vulnerable to Distributed Denial of Service (DDoS), an extension of a Denial of Service (DoS) attack. The existing solutions for DDoS detection in vehicular networks use various Machine Learning (ML) algorithms. However, these algorithms are applicable only in a single layer in a vehicular network environment and are incapable of detecting DDoS dynamics for different layers of the network infrastructure. The recently reported attacks on transport networks reveal the fact that a research gap exists between the existing solutions and the multi-layer DDoS detection strategy requirements. Additionally, the majority of the current detection methods fail in the consideration of traffic heterogeneity and are not rate-adaptive, where both the mentioned parameters are important for an effective detection system.</p><p>In this paper, we introduce a comprehensive ML-based Network Intrusion Detection System (NIDS) against DDoS attacks in vehicular networks. Our proposed NIDS combines a three-tier security model, traffic adaptivity, and heterogeneity traffic provisions. We call our model <em>Vehicular Adaptive Intrusion Detection And Novel System for Heterogeneous Hosts (VAIDANSHH)</em>. As mentioned earlier, VAIDANSHH has a three-tier security system: at RSU's hardware, communication channel, and RSU application level. VAIDANSHH combines the Adaptive Alarming Module (AAM) and the Detection Module (DM) for data generation, collection of generated data, flow monitoring, pre-processing, and classification. We use the NS3 simulation tool for our experiments to generate synthetic data and apply ML with WEKA. We run a thorough set of experiments, which show that VAIDANSHH detects UDP flooding, a form of DDoS attack, with 99.9% accuracy within a very short time. We compare VAIDANSHH with other state-of-the-art models; the comparative analysis shows that VAIDANSHH is superior in terms of accuracy and its multi-tier workflow.</p></div>","PeriodicalId":54346,"journal":{"name":"Vehicular Communications","volume":"48 ","pages":"Article 100787"},"PeriodicalIF":5.8000,"publicationDate":"2024-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"VAIDANSHH: Adaptive DDoS detection for heterogeneous hosts in vehicular environments\",\"authors\":\"Amandeep Verma , Rahul Saha , Gulshan Kumar , Mauro Conti , Joel J.P.C. Rodrigues\",\"doi\":\"10.1016/j.vehcom.2024.100787\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>Vehicular networks are vulnerable to Distributed Denial of Service (DDoS), an extension of a Denial of Service (DoS) attack. The existing solutions for DDoS detection in vehicular networks use various Machine Learning (ML) algorithms. However, these algorithms are applicable only in a single layer in a vehicular network environment and are incapable of detecting DDoS dynamics for different layers of the network infrastructure. The recently reported attacks on transport networks reveal the fact that a research gap exists between the existing solutions and the multi-layer DDoS detection strategy requirements. Additionally, the majority of the current detection methods fail in the consideration of traffic heterogeneity and are not rate-adaptive, where both the mentioned parameters are important for an effective detection system.</p><p>In this paper, we introduce a comprehensive ML-based Network Intrusion Detection System (NIDS) against DDoS attacks in vehicular networks. Our proposed NIDS combines a three-tier security model, traffic adaptivity, and heterogeneity traffic provisions. We call our model <em>Vehicular Adaptive Intrusion Detection And Novel System for Heterogeneous Hosts (VAIDANSHH)</em>. As mentioned earlier, VAIDANSHH has a three-tier security system: at RSU's hardware, communication channel, and RSU application level. VAIDANSHH combines the Adaptive Alarming Module (AAM) and the Detection Module (DM) for data generation, collection of generated data, flow monitoring, pre-processing, and classification. We use the NS3 simulation tool for our experiments to generate synthetic data and apply ML with WEKA. We run a thorough set of experiments, which show that VAIDANSHH detects UDP flooding, a form of DDoS attack, with 99.9% accuracy within a very short time. We compare VAIDANSHH with other state-of-the-art models; the comparative analysis shows that VAIDANSHH is superior in terms of accuracy and its multi-tier workflow.</p></div>\",\"PeriodicalId\":54346,\"journal\":{\"name\":\"Vehicular Communications\",\"volume\":\"48 \",\"pages\":\"Article 100787\"},\"PeriodicalIF\":5.8000,\"publicationDate\":\"2024-05-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Vehicular Communications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2214209624000627\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"TELECOMMUNICATIONS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Vehicular Communications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214209624000627","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"TELECOMMUNICATIONS","Score":null,"Total":0}
VAIDANSHH: Adaptive DDoS detection for heterogeneous hosts in vehicular environments
Vehicular networks are vulnerable to Distributed Denial of Service (DDoS), an extension of a Denial of Service (DoS) attack. The existing solutions for DDoS detection in vehicular networks use various Machine Learning (ML) algorithms. However, these algorithms are applicable only in a single layer in a vehicular network environment and are incapable of detecting DDoS dynamics for different layers of the network infrastructure. The recently reported attacks on transport networks reveal the fact that a research gap exists between the existing solutions and the multi-layer DDoS detection strategy requirements. Additionally, the majority of the current detection methods fail in the consideration of traffic heterogeneity and are not rate-adaptive, where both the mentioned parameters are important for an effective detection system.
In this paper, we introduce a comprehensive ML-based Network Intrusion Detection System (NIDS) against DDoS attacks in vehicular networks. Our proposed NIDS combines a three-tier security model, traffic adaptivity, and heterogeneity traffic provisions. We call our model Vehicular Adaptive Intrusion Detection And Novel System for Heterogeneous Hosts (VAIDANSHH). As mentioned earlier, VAIDANSHH has a three-tier security system: at RSU's hardware, communication channel, and RSU application level. VAIDANSHH combines the Adaptive Alarming Module (AAM) and the Detection Module (DM) for data generation, collection of generated data, flow monitoring, pre-processing, and classification. We use the NS3 simulation tool for our experiments to generate synthetic data and apply ML with WEKA. We run a thorough set of experiments, which show that VAIDANSHH detects UDP flooding, a form of DDoS attack, with 99.9% accuracy within a very short time. We compare VAIDANSHH with other state-of-the-art models; the comparative analysis shows that VAIDANSHH is superior in terms of accuracy and its multi-tier workflow.
期刊介绍:
Vehicular communications is a growing area of communications between vehicles and including roadside communication infrastructure. Advances in wireless communications are making possible sharing of information through real time communications between vehicles and infrastructure. This has led to applications to increase safety of vehicles and communication between passengers and the Internet. Standardization efforts on vehicular communication are also underway to make vehicular transportation safer, greener and easier.
The aim of the journal is to publish high quality peer–reviewed papers in the area of vehicular communications. The scope encompasses all types of communications involving vehicles, including vehicle–to–vehicle and vehicle–to–infrastructure. The scope includes (but not limited to) the following topics related to vehicular communications:
Vehicle to vehicle and vehicle to infrastructure communications
Channel modelling, modulating and coding
Congestion Control and scalability issues
Protocol design, testing and verification
Routing in vehicular networks
Security issues and countermeasures
Deployment and field testing
Reducing energy consumption and enhancing safety of vehicles
Wireless in–car networks
Data collection and dissemination methods
Mobility and handover issues
Safety and driver assistance applications
UAV
Underwater communications
Autonomous cooperative driving
Social networks
Internet of vehicles
Standardization of protocols.