AN OVERVIEW OF USING OF FRACTAL ANALYSIS FOR DETECTING DDOS NETWORK ATTACKS
DOI:
https://doi.org/10.32782/mathematical-modelling/2025-8-1-25Keywords:
machine learning, DDoS, fractal analysis, classificationAbstract
Distributed Denial-of-Service (DDoS) attacks are among the most severe cybersecurity threats, continuously evolv- ing and causing extensive financial losses worldwide. Unlike traditional Denial-of-Service (DoS) attacks, DDoS attacks leverage multiple compromised systems, creating a coordinated effort to overwhelm network resources and disrupt ser- vice availability. The growing complexity of these attacks, often indistinguishable from legitimate traffic, presents sig- nificant challenges for detection and mitigation. This article examines various machine learning techniques for DDoS detection, including Support Vector Machine (SVM), K-Nearest Neighbors (KNN), Decision Trees, and Naïve Bayes, all of which demonstrate high accuracy in classifying attack patterns on synthetic datasets. While effective in controlled environments, these methods often struggle with the nuances of real-world network traffic, where hybrid and novel attack types obscure detection efforts. To address these challenges, we explore the application of fractal analysis, a promising approach for identifying self-similarity in network traffic.Fractal analysis, which captures the self-similarity in network traffic, has shown potential for identifying abnormal patterns indicative of DDoS activity. Although it has limitations, fractal analysis can improve the detection process when combined with statistical features and machine learning algorithms.Fractal characteristics, such as those quantified by the Hurst Exponent, reveal long-term dependencies and auto- correlation structures in traffic, making them suitable for detecting irregularities commonly associated with DDoS attacks.Our analysis demonstrates that fractal-based methods, when combined with statistical and machine learning approaches, can enhance detection accuracy and improve adaptability to real-world scenarios. Although no single method offers a universal solution, this study underscores the importance of using diverse techniques to effectively monitor and protect against DDoS threats. Further research should focus on integrating multifaceted detection models to better address the evolving landscape of cybersecurity threats posed by DDoS attacks.
References
Merkebaiuly M. Overview of Distributed Denial of Service (DDoS) attack types and mitigation methods. InterConf. 2024. № 43(193). С. 494–508. https://doi.org/10.51582/ interconf.19-20.03.2024.048 (дата звернення: 17.01.2025).
Singh A., Gupta B. B. Distributed denial-of-service (ddos) attacks and defense mechanisms in various web-enabled computing platforms. International journal on semantic web and information systems. 2022. Т. 18, № 1. С. 1–43. https://doi.org/10.4018/ijswis.297143 (дата звернення: 17.01.2025).
DDoS trend report 2024. Official sate. Nexusguard - Simplifying DDoS for Communications Service Providers. URL: https://www.nexusguard.com/threat-report/ddos-trend-report-2024 (дата звернення: 17.01.2025).
Majeed alhammadi N. A., Zaboon K. H., Abdullah A. A. A review of the common ddos attack: types and protection approaches based on artificial intelligence. Fusion: practice and applications. 2021. Т. 7(1). С. 08–14. https://doi.org/10.54216/fpa.070101 (дата звернення: 17.01.2025).
Alqahtani Haya Malooh, Abdullah Monir. A review on ddos attacks classifying and detection by ML/DL models. International journal of advanced computer science and applications. 2024. Т. 15, № 2. С. 824–833. https://doi.org/10.14569/ijacsa.2024.0150283 (дата звернення: 17.01.2025).
Yusof A., Udzir N., Selamat A. An evaluation on KNN-SVM algorithm for detection and prediction of ddos attack. Trends in applied knowledge-based systems and data science. 2016. (Springer Nature Link, 14 липня 2016 р.), С. 95–102. https://doi.org/10.1007/978-3-319-42007-3_9 (дата звернення: 17.01.2025).
Bagyalakshmi C., Samundeeswari E.S. DDoS attack classification on cloud environment using machine learning techniques with different feature selection methods. International journal of advanced trends in computer science and engineering. 2020. Т. 9, № 5. С. 7301–7308. https://doi.org/10.30534/ijatcse/2020/60952020 (дата звернення: 17.01.2025).
Kumar D., Pateriya R. K., Gupta R. K., Dehalwar V., Sharma A. DDoS detection using deep learning. Procedia computer science. 2023. Т. 218. С. 2420–2429. https://doi.org/10.1016/ j.procs.2023.01.217.
Alduailij M., Khan Q. W., Tahir M., Sardaraz M., Alduailij M., Malik F. Machine-Learning- Based ddos attack detection using mutual information and random forest feature importance method. Symmetry. 2022. Т. 14, № 6. С. 1095. https://doi.org/10.3390/sym14061095.
Kirichenko L., Radivilova T., Yeremenko O. Fractal features of DDoS attacks series. WomENcourage: conference Rome. 17–19 September,2019. Rome. 2019. URL: https://www.researchgate.net/publication/337335195_Fractal_features_of_DDoS_attacks_series (дата звернення: 17.01.2025).
Yan R., Xu G., Qin X. Detect and identify DDoS attacks from flash crowd based on self- similarity and Renyi entropy. Chinese automation congress (CAC-2017), Jinan, 20–22 жовт. 2017 р. Jinan, 2017. Р. 7188–7194. https://doi.org/10.1109/cac.2017.8244075 (дата звернення: 17.01.2025).
Xia H., Xu W. Research on method of network abnormal detection based on hurst parameter estimation. In International conference on computer science and software engineering, Wuhan, China, 12–14 груд. 2008 р. Wuhan, China, 2008. Р. 559–562. https://doi.org/10.1109/csse.2008.1069 (дата звернення: 17.01.2025).
Smiesko J., Segec P., Kontsek M. Machine recognition of ddos attacks using statistical parameters. Mathematics. 2023. Т. 12, № 1. С. 142. https://doi.org/10.3390/math12010142 (дата звернення: 17.01.2025).
Ding C., Chen Y., Liu Z., Alshehri A.M., Liu T. Fractal characteristics of network traffic and its correlation with network security Fractals. 2022. Т. 30, № 02. https://doi.org/10.1142/s0218348x22400679 (дата звернення: 17.01.2025).
IDS 2018 Intrusion CSVs (CSE-CIC-IDS2018). Official sate. www.kaggle.com. URL: https://www.kaggle.com/datasets/solarmainframe/ids-intrusion-csv (дата звернення: 17.01.2025).
