IEEE Access (Jan 2023)

Real-Time Detection Schemes for Memory DoS (M-DoS) Attacks on Cloud Computing Applications

  • Umar Islam,
  • Abdullah Al-Atawi,
  • Hathal Salamah Alwageed,
  • Muhammad Ahsan,
  • Fuad A. Awwad,
  • Mohamed R. Abonazel

DOI
https://doi.org/10.1109/ACCESS.2023.3290910
Journal volume & issue
Vol. 11
pp. 74641 – 74656

Abstract

Read online

Memory Denial of Service (M-DoS) attacks refer to a class of cyber-attacks that aim to exhaust the memory resources of a system, rendering it unavailable to legitimate users. This type of attack is particularly dangerous in cloud computing environments, where multiple users share the same resources. Detection and mitigation of M-DoS attacks in real-time is a challenging task, as they often involve a large number of low-rate requests, making it difficult to distinguish them from legitimate traffic. Several real-time detection schemes have been proposed to identify and mitigate M-DoS attacks in cloud computing environments. These schemes can be broadly classified into two categories: signature-based and anomaly-based detection. Signature-based detection methods rely on the identification of specific patterns or characteristics of known M-DoS attack techniques, while anomaly-based detection methods identify abnormal behaviour that deviates from the normal pattern of usage. This study presents a hybrid model for real-time detection of cloud and MDOS attacks using SVM-KNN-LR. The dataset used in this study was collected from various sources and pre-processed to extract relevant features for attack detection. A feature selection process was also applied to identify the most important features for attack detection. The hybrid model achieved an accuracy of 96%, outperforming other individual models such as SVM, KNN, LR, Naive Bayes, Decision Trees, Extra Trees, Bagging Trees, and Random Forests. Confusion matrices were also used to evaluate the performance of each model. In the discussion section, we examined the performance of the hybrid model in detecting MDOS attacks and found that it had a high precision score of 0.97. However, the recall score was lower at 0.87, indicating that the model was not able to detect all instances of MDOS attacks.

Keywords