Affiliations: [a] Department of Computer Science & Engineering, National Institute of Technical Teachers Training & Research (NITTTR), Panjab University, Chandigarh, India
| [b] Department of Information Technology, University Institute of Engineering & Technology (UIET), Panjab University, Chandigarh, India
Correspondence:
[*]
Corresponding author. Nilesh Vishwasrao Patil, Department of Computer Science & Engineering, National Institute of Technical Teachers Training & Research (NITTTR), Panjab University, Chandigarh, India. E-mails: [email protected] and [email protected].
Abstract: A Distributed Denial of Service (DDoS) attack is the biggest threat to Internet-based applications and consumes victim service by sending a massive amount of attack traffic. In the literature, numerous approaches are available to protect the victim from the DDoS attacks. However, the attack incidents are increasing year by year. Further, several issues exist in the traditional framework based detection system such as itself becoming a victim, slow detection, no real-time response, etc. Therefore, the traditional framework based system is not capable of processing live traffic in the big data environment. This paper proposes a novel Spark streaming-based distributed and real-time DDoS detection system called S-DDoS. The proposed S-DDoS system employs the K-Means clustering algorithm to recognize the DDoS attack traffic in real-time. The proposed detection model designed on the Apache Hadoop framework using highly scalable H2O sparkling water. The detection model deployed on the Spark framework to classify live traffic flows. The results show that the proposed S-DDoS detection system efficiently detects the DDoS attack from network traffic flows with higher detection accuracy (98% ).
Keywords: Distributed denial of service (DDoS), K-means clustering algorithm, big data, entropy, network security, apache spark
