Deep reinforcement learning for building honeypots against runtime DoS attack
Pages 3981 - 4007
Abstract
Honeypot is a network environment utilized to protect proper network sources from attacks. Honeypot makes an environment that attracts the attacker to pay their operations to steal sources. Denial of Service (DoS) attacks are efficiently noticed using the proposed honeypot method. The issues of the previous technique are that the DoS attack is a malicious act with the goal of interrupting the access to a computer network. The result of the DoS attack can cause the computers on the network to squander their resources to serve illegitimate requests that result in a disruption of the network's services to legitimate users. To overcome these challenges this method is proposed. In this manuscript, the Deep Adaptive Reinforcement Learning for Honeypots (DARLH) is proposed. Here, honeypot environment, the proposed DARLHs system implements Deep Adaptive Reinforcement Learning (DARL) with Intrusion Detection System (IDS) agents and Deep Recurrent Neural Network (DRNN) with IDS agent for observing multiruntime DoS attack. In the next level, the system creates DRNN and DARL IDS agent integration modules for effective runtime attack detections. The Knowledge Data Discovery data set pattern, UNSW‐NB20, and Bot‐IoT data sets are used to the scenario of DoS attack. The method is executed in Python 3.7. The experimental outcomes are likened through different existing methods, such as Game and Naïve‐Bayes Honeypot, Block Chain Honeypot, and Recurrent Neural Network‐based Signature Generation and Detection. The proposed method is compared with External DoS Attack, Internal DoS attack, Brute‐force attack, DoS attack, Web attack, and Botnet attacks with the existing methods. From the comparison, the proposed method offers 5%–10% better outcomes than another existing method. Lastly, the test results determine that the proposed method performance is most efficient with another existing system.
References
[1]
Ghourab E, Azab M. Benign false‐data injection as a moving‐target defense to secure mobile wireless communications. Ad Hoc Netw. 2020;102:102064. doi:10.1016/j.adhoc.2019.102064
[2]
Kumar G, Saha R, Singh M, Rai M. Optimized packet filtering honeypot with snooping agents in intrusion detection system for WLAN. Int J Inf Secur Privacy. 2018;12(1):53‐62. doi:10.4018/ijisp.2018010105
[3]
Veena K, Meena K. Implementing file and real time based intrusion detections in secure direct method using advanced honeypot. Cluster Comput. 2018;22(S6):13361‐13368. doi:10.1007/s10586-018-1912-x
[4]
Mythili S, Thiyagarajah K, Rajesh P, Shajin FH. Ideal position and size selection of unified power flow controllers (UPFCs) to upgrade the dynamic stability of systems: an antlion optimiser and invasive weed optimisation algorithm. HKIE Trans. 2020;27(1):25‐37.
[5]
Chu G, Apthorpe N, Feamster N. Security and privacy analyses of internet of things children's toys. IEEE Internet Things J. 2019;6(1):978‐985. doi:10.1109/jiot.2018.2866423
[6]
Al‐Nafjan K, Al‐Hussein M, Alghamdi A, Haque M, Ahmad I. Intrusion detection using PCA based modular neural network. Int J Mach Learn Comput. 2012;2(5):583‐587. doi:10.7763/ijmlc.2012.v2.194
[7]
Rajesh P, Shajin F. A multi‐objective hybrid algorithm for planning electrical distribution system. Eur J Electr Eng. 2020;22(4‐5):377‐387. doi:10.18280/ejee.224-509
[8]
Chetna S, Swades De, eds. Resource Allocation in Next‐generation Broadband Wireless Access Networks. IGI Global; 2017.
[9]
Shajin FH, Rajesh P. Trusted secure geographic routing protocol: outsider attack detection in mobile ad hoc networks by adopting trusted secure geographic routing protocol. Int J Pervasive Comput Commun. 2020;ahead‐of‐print.
[10]
Shrivastava RK, Ramakrishna S, Hota C. Game theory based modified Naïve‐Bayes algorithm to detect DoS attacks using honeypot. In: 2019 IEEE 16th India Council International Conference (INDICON). IEEE; 2019:1‐4.
[11]
Thota MK, Shajin FH, Rajesh P. Survey on software defect prediction techniques. Int J Appl Sci Eng. 2020;17(4):331‐344.
[12]
Shi L, Li Y, Liu T, Liu J, Shan B, Chen H. Dynamic distributed honeypot based on blockchain. IEEE Access. 2019;7:72234‐72246.
[13]
Zhou W, Shi D, Zhu W. Exponential input‐to‐state stability of impulsive stochastic fuzzy Cohen–Grossberg neural networks with distributed infinite transmission delays. In: 2019 Chinese Control Conference (CCC). IEEE; 2019:5715‐5720.
[14]
Safarpour M, Ebrahimi F, Habibi M, Safarpour H. On the nonlinear dynamics of a multi‐scale hybrid nanocomposite disk. Eng Comput. 2021;37(3):2369‐2388.
[15]
Xiong L, Xu Z, Shi YQ. An integer wavelet transform based scheme for reversible data hiding in encrypted images. Multidimens Syst Signal Process. 2018;29(3):1191‐1202.
[16]
Cheng P, Chen M, Stojanovic V, He S. Asynchronous fault detection filtering for piecewise homogeneous Markov jump linear systems via a dual hidden Markov model. Mech Syst Signal Process. 2021;151:107353.
[17]
Yao D, Li H, Lu R, Shi Y. Distributed sliding‐mode tracking control of second‐order nonlinear multiagent systems: an event‐triggered approach. IEEE Trans Cybern. 2020;50(9):3892‐3902.
[18]
Zhang S, Fang M, Liu H, Luan F, X, Ding Z. Reinforcement learning and adaptive optimization of a class of Markov jump systems with completely unknown dynamic information. Neural Comput Appl. 2020;32(18):14311‐14320.
[19]
Zhai J, Karimi HR. Global output feedback control for a class of nonlinear systems with unknown homogeneous growth condition. Int J Robust Nonlinear Control. 2019;29(7):2082‐2095.
[20]
Thu AA. Integrated intrusion detection and prevention system with honeypot on cloud computing environment. Int J Comput Appl. 2013;67(4):9‐13. doi:10.5120/11382-6660
[21]
Banday M, Sheikh S. Design of secure multilingual CAPTCHA challenge. Int J Web Portals. 2015;7(1):1‐27. doi:10.4018/ijwp.2015010101
[22]
Singh A, Ormazábal G, Schulzrinne H. Heterogeneous networking. Datenschutz und Datensicherheit—DuD. 2014;38(1):25‐30. doi:10.1007/s11623-014-0007-y
[23]
Tsiropoulou EE, Baras JS, Papavassiliou S, Qu G. On the mitigation of interference imposed by intruders in passive RFID networks. In: International Conference on Decision and Game Theory for Security. Springer; 2016:62‐80. doi:10.1007/978-3-319-47413-7_4
[24]
Vamvakas P, Tsiropoulou EE, Papavassiliou S. Exploiting prospect theory and risk‐awareness to protect UAV‐assisted network operation. EURASIP J Wireless Commun Networking. 2019;2019(1):286. doi:10.1186/s13638-019-1616-9
[25]
Shrivastava R, Hota C. Profile‐guided code identification and hardening using return oriented programming. J Inf Security Appl. 2019;48:102364. doi:10.1016/j.jisa.2019.102364
[26]
Shi L, Li Y, Liu T, Liu J, Shan B, Chen H. Dynamic distributed honeypot based on blockchain. IEEE Access. 2019;7:72234‐72246. doi:10.1109/access.2019.2920239
[27]
Kaur S, Singh M. Hybrid intrusion detection and signature generation using deep recurrent neural networks. Neural Comput Appl. 2019;32(12):7859‐7877. doi:10.1007/s00521-019-04187-9
[28]
Khan R, Zhang X, Kumar R, Sharif A, Golilarz N, Alazab M. An adaptive multi‐layer botnet detection technique using machine learning classifiers. Appl Sci. 2019;9(11):2375. doi:10.3390/app9112375
[29]
Srihari Rao N, Chandra Sekharaiah K, Ananda Rao A. Jananee janmabhoomischa: ICT solutions for pronational digital society. Int J Eng Technol. 2018;7(3.29):225. doi:10.14419/ijet.v7i3.29.18800
[30]
Sharma S, Kaul A. A survey on intrusion detection systems and honeypot based proactive security mechanisms in VANETs and VANET cloud. Veh Commun. 2018;12:138‐164. doi:10.1016/j.vehcom.2018.04.005
[31]
Huang X, Huang Y. Mean–variance optimality for semi‐Markov decision processes under first passage criteria. Kybernetika. 2017;53(1):59‐81. doi:10.14736/kyb-2017-1-0059
[32]
Kotey S, Tchao E, Gadze J. On distributed denial of service current defense schemes. Technologies (Basel). 2019;7(1):19. doi:10.3390/technologies7010019
[33]
Su L, Ye D. A cooperative detection and compensation mechanism against denial‐of‐service attack for cyber–physical systems. InfSci (NY). 2018;444:122‐134. doi:10.1016/j.ins.2018.02.066
[34]
Myers J. The United States patent and trademark office internet home pages. World Patent Inf. 1997;19:77‐78. doi:10.1016/s0172-2190(97)82780-9
[35]
Gandhi U, Kumar P, Varatharajan R, Manogaran G, Sundarasekar R, Kadu S. HIoTPOT: surveillance on IoT devices against recent threats. Wirel Pers Commun. 2018;103(2):1179‐1194. doi:10.1007/s11277-018-5307-3
[36]
KDD Cup 1999 Data, http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html, 1999, Retrieved December 15, 2018.
[37]
Moustafa N, Slay J. The evaluation of network anomaly detection systems: statistical analysis of the UNSW‐NB15 data set and the comparison with the KDD99 data set. Inf Secur J: Global Perspect. 2020;25:18‐31.
[38]
Koroniotis N, Moustafa N, Sitnikova E, Turnbull B. Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot‐IoT dataset. Future Gener Comput Syst. 2019;100:779‐796.
[39]
Sklavounos D. Utilization of statistical control charts for DoS network intrusion detection. Int J Cyber‐Secur Digital Forensics. 2018;7(2):166‐174. doi:10.17781/p002391
[40]
Silaban A, Mandala S, Jadied E. Increasing feature selection accuracy through recursive method in intrusion detection system. Int J Inf Commun Technol (IJoICT). 2019;4(2):43. doi:10.21108/ijoict.2018.42.216
Recommendations
POSTER: Reflected attacks abusing honeypots
CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications securityWe present the observation of distributed denial-of-service attacks that use reflection of the flooding traffic off reflectors. This type of attack was used in massive attacks against internet infrastructure of Czech Republic in March, 2013. Apart from ...
Research on DoS Attack and Detection Programming
IITA '09: Proceedings of the 2009 Third International Symposium on Intelligent Information Technology Application - Volume 01The DoS attack is the most popular attack in the network security with the development of network and internet. In this paper, the DoS attack principle is discussed and some DoS attack methods are deeply analyzed. The DoS attack detection technologies ...
Machine learning combating DOS and DDOS attacks
In recent years, technology is booming at a breakneck speed as so the need of security. Vulnerabilities in the layers of the OSI model and the networks are paving new ways for intruders and hackers to steal the confidential information. Security attacks ...
Comments
Information & Contributors
Information
Published In
© 2021 Wiley Periodicals LLC.
Publisher
John Wiley and Sons Ltd.
United Kingdom
Publication History
Published: 26 May 2022
Author Tags
Qualifiers
- Research-article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 06 Feb 2025