Skip to main content
SpringerLink
Log in

LEAESN: Predicting DDoS attack in healthcare systems based on Lyapunov Exponent Analysis and Echo State Neural Networks

  • 1181: Multimedia-based Healthcare Systems using Computational Intelligence
  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

The availability of the system is one of the main requirements of a multimedia-based e-health application that carries critical patient health information in the network environment. On the other hand, the Distributed Denial of Service (DDoS) attack is one of the most common attacks on the availability of computer networks which can be devastating for a healthcare system. Therefore, a countermeasure to this attack has to be performed in the early steps of the attack to protect the systems against its damages. Detection methods cannot support this and are only able to detect the attack after it happened. Thus, it is necessary to predict DDoS attacks according to the evidence which the attack makes in the network in the early steps of the attack. Therefore, Prediction approaches can reduce the cost of the attacks compared to detection approaches. In this paper, we propose a new method for prediction of DDoS attack based on Lyapunov Exponent Analysis and Echo State Network (LEAESN). In this method, the future traffic of the network is predicted using the Exponential Smoothing technique, then the time series of the prediction error is calculated based on the difference of this prediction and the observed traffic of the network. As shown in this paper, this time series is chaotic in the presence of attack traffics. To predict the DDoS attack, this time series is predicted using a Recurrent Neural Echo State Network (SCESN), and the attack is detected using Lyapunov exponent analysis on the predicted time series. For the evaluation of LEAESN, we test the method on the Darpa98 dataset which consists of a standard dataset for evaluation of intrusion detection systems. LEAESN has an appropriate ability to predict the DDoS attack.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11

Similar content being viewed by others

References

  1. Abbas H, Latif R, Latif S, Masood A (2016) Performance evaluation of Enhanced Very Fast Decision Tree (EVFDT) mechanism for distributed denial-of-service attack detection in health care systems. Ann Telecommun 71(9–10):477–487

    Article  Google Scholar 

  2. Akrami A, Rostami H, Khosravi MR (2020) Design of a reservoir for cloud-enabled echo state network with high clustering coefficient. EURASIP J Wirel Commun Netw 2020:1–14

    Article  Google Scholar 

  3. Alarqan MA, Zaaba ZF, Almomani A (2019) Detection mechanisms of DDoS Attack in cloud computing environment: A Survey. In: International Conference on Advances in Cyber Security. s.l.:Springer, Berlin, pp 138–152

  4. Bhattacharyya DK, Kalita JK (2016) DDoS attacks: evolution, detection, prevention, reaction, and tolerance. s.l.:Chapman and Hall/CRC, London

  5. Boeing G (2016) Visual analysis of nonlinear dynamical systems: chaos, fractals, self-similarity and the limits of prediction. Systems 4(4):37

    Article  Google Scholar 

  6. Bradley E, Kantz H (2015) Nonlinear time-series analysis revisited. Chaos 25(9):097610

    Article  MathSciNet  MATH  Google Scholar 

  7. Cao L (1997) Practical method for determining the minimum embedding dimension of a scalar time series. Phys D 110(1–2):43–50

    Article  MATH  Google Scholar 

  8. Chen Y, Ma X, Wu X (2013) DDoS detection algorithm based on preprocessing network traffic predicted method and chaos theory. IEEE Commun Lett 17(5):1052–1054

    Article  Google Scholar 

  9. Chonka A, Singh J, Zhou W (2009) Chaos theory based detection against network mimicking DDoS attacks. IEEE Commun Lett 13(9):717–719

    Article  Google Scholar 

  10. Cisco (2018) Cisco 2018 annual cybersecurity report, s.l.: Cisco, San Jose

  11. Darpa98 (1998) [Online] Available at: https://www.ll.mit.edu/r-d/datasets/1998-darpa-intrusion-detection-evaluation-data-set

  12. Farmer JD, Sidorowich JJ (1987) Predicting chaotic time series. Phys Rev Lett 59(8):845

    Article  MathSciNet  Google Scholar 

  13. Hilborn RC (2000) Chaos and nonlinear dynamics: an introduction for scientists and engineers. Oxford University Press on Demand, Oxford

  14. Huffaker R (2010) Phase space reconstruction from time series data: where history meets theory. Proc Food Syst Dyn :1–9. https://doi.org/10.18461/pfsd.2010.10017

  15. Jaeger H (2001) The “echo state” approach to analysing and training recurrent neural networks-with an erratum note. Germany: German National Research Center for Information Technology GMD Technical Report 148.34

  16. Karimazad R, Faraahi A (2011) An anomaly-based method for DDoS attacks detection using RBF neural networks. In: Proceedings of the International Conference on Network and Electronics Engineering

  17. Khosravi MR, Yazdi M (2018) A lossless data hiding scheme for medical images using a hybrid solution based on IBRW error histogram computation and quartered interpolation with greedy weights. Neural Comput Appl 30(7):2017–2028

    Article  Google Scholar 

  18. Kim H, Eykholt R, Salas JD (1999) Nonlinear dynamics, delay times, and embedding windows. Phys D 127(1):48–60

    Article  MATH  Google Scholar 

  19. Kolias C, Kambourakis G, Stavrou A, Voas J (2017) DDoS in the IoT: mirai and other botnets. Computer 50(7):80–84

    Article  Google Scholar 

  20. Lakhina A, Crovella M, Diot C (2004) Diagnosing network-wide traffic anomalies. ACM SIGCOMM Comput Commun Rev 34(4):219–230

    Article  Google Scholar 

  21. Lorenz E (1972) Predictability: Does the flap of a butterfly’s wings in brazil set off a tornado in Texas? AAAS 139th Meeting, USA. http://climate.envsci.rutgers.edu/climdyn2017/LorenzButterfly.pdf

  22. Ma X, Chen Y (2014) DDoS detection method based on chaos analysis of network traffic entropy. IEEE Commun Lett 18(1):114–117

    Article  Google Scholar 

  23. Najibi E, Rostami H (2015) SCESN, SPESN, SWESN: Three recurrent neural echo state networks with clustered reservoirs for prediction of nonlinear and chaotic time series. Appl Intell 43(2):460–472

    Article  Google Scholar 

  24. Nezhad SMT, Nazari M, Gharavol EA (2016) A novel DoS and DDoS attacks detection algorithm using ARIMA time series model and chaotic system in computer networks. IEEE Commun Lett 20(4):700–703

    Article  Google Scholar 

  25. Peddi SVB et al (2017) An intelligent cloud-based data processing broker for mobile e-health multimedia applications. Futur Gener Comput Syst 66:71–86

    Article  Google Scholar 

  26. Procopiou A, Komninos N, Douligeris C (2019) ForChaos: Real time application DDoS detection using forecasting and chaos theory in smart home IoT Network. Wirel Commun Mob Comput 2019:1–14

    Article  Google Scholar 

  27. Pyragas K (1993) Predictable chaos in slightly perturbed unpredictable chaotic systems. Phys Lett A 181(3):203–210

    Article  Google Scholar 

  28. Rickles D, Hawe P, Shiell A (2007) A simple guide to chaos and complexity. J Epidemiol Commun Health 61(11):933–937

    Article  Google Scholar 

  29. Rosenstein MT, Collins JJ, De Luca CJ (1993) A practical method for calculating largest Lyapunov exponents from small data sets. Phys D 65(1–2):117–134

    Article  MathSciNet  MATH  Google Scholar 

  30. Saied A, Overill RE, Radzik T (2016) Detection of known and unknown DDoS attacks using Artificial Neural Networks. Neurocomputing 172:385–393

    Article  Google Scholar 

  31. Somasundaram R, Thirugnanam M (2020) Review of security challenges in healthcare internet of things. Wireless Netw. https://link.springer.com/article/10.1007/s11276-020-02340-0

  32. Symantec (2018) 2018 internet security threat report. Access through https://www.pcmsystems.co.uk/news/2018-04-10/symantec-internet-securitythreat-report-2018

  33. Takens F (1981) Detecting strange attractors in turbulence. Lect Notes Math 898(1):366–381

    Article  MathSciNet  MATH  Google Scholar 

  34. Velliangiri S, Karthikeyan P, Vinoth Kumar V (2020) Detection of distributed denial of service attack in cloud computing using the optimization-based deep networks. J Exp Theor Artif Intell :1–20. https://doi.org/10.1080/0952813X.2020.1744196

  35. Verisign (2018) Verisign distributed denial of service trends report, s.l.: Verisign, Reston

  36. Wolf A, Swift B, Swinney JL, Vastano A (1985) Determining Lyapunov exponents from a time series. Phys D 16(3):285–317

    Article  MathSciNet  MATH  Google Scholar 

  37. Wu X, Chen Y (2013) Validation of chaos hypothesis in NADA and improved DDoS detection algorithm. IEEE Commun Lett 17(12):2396–2399

    Article  MathSciNet  Google Scholar 

  38. Zargar ST, Joshi J, Tipper D (2013) A survey of defense mechanisms against Distributed Denial of Service (DDoS) flooding attacks. IEEE Commun Surv Tutorials 15(4):2046–2069

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Engineering Department, Faculty of Intelligent Systems and Data Science, Persian Gulf University, Bushehr, 75168, Iran

    Hossein Salemi, Habib Rostami, Saeed Talatian-Azad & Mohammad Reza Khosravi

Authors
  1. Hossein Salemi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Habib Rostami
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Saeed Talatian-Azad
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Mohammad Reza Khosravi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Habib Rostami.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Salemi, H., Rostami, H., Talatian-Azad, S. et al. LEAESN: Predicting DDoS attack in healthcare systems based on Lyapunov Exponent Analysis and Echo State Neural Networks. Multimed Tools Appl 81, 41455–41476 (2022). https://doi.org/10.1007/s11042-020-10179-y

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-020-10179-y

Keywords

Search

Navigation