DETECTION OF UDP FLOOD ATTACKS IN WIRELESS SENSOR NETWORKS BY VISUALIZATION ON PARALLEL COORDINATE PLOT
Distributed Denial of Service (DDoS) attacks are among the most destructive attacks threatening the security of network systems today. In this type of attack, the attacker tries to make a targeted computer or network unreachable to its intended users by incapacitating the server. Many detection and prevention tools, systems, and algorithms have been developed over the years to identify and restrain these intrusions. Many mechanisms available in the market try to visualize the after-effects of these attacks. However, few of them have explored using visualization itself to detect the attacks. Wireless Sensor Networks (WSNs) have gained popularity because they are very cost-effective and have other advantages over wired networks. Like other technologies, they too are being harried by DDoS attacks. Therefore, there is much research interest in developing visualization-based detection models for WSNs. This field is still in its infant stage of development. This thesis’s framework is a detection model based on data visualization for User Datagram Protocol (UDP) flood attacks on WSNs. A dataset is generated using the Cooja simulator to identify the resource consumption attributes under regular and attack situations. The dataset is then separated into its corresponding groups (attack and non-attack) using the k-means and mini-batch k-means clustering algorithms. The clustered data is then visualized on a Parallel Coordinate Map (PCM). The data points on the PCM form a unique pattern, which helps the network administrator quickly identify that an attack is taking place and take the necessary action. A performance comparison of the two clustering algorithms shows that mini-batch k-means exhibits an improvement of 10% over the k-means algorithm. The experiment’s outcome shows that this model is simple yet effective in detecting DDoS attacks in WSNs.
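The clustering and per-axis scaling steps described in the abstract, as an added sketch that is not the thesis's code or dataset. The axis names, the constructed sample readings and the deterministic center seeding are assumptions, and both algorithms are written out in plain Python rather than taken from a library.

```python
import random

# Axis names are assumptions: the abstract says "resource consumption
# attributes" without listing them.
AXES = ("cpu_pct", "radio_tx_pct", "radio_rx_pct", "energy_mj")

def make_samples(seed=7):
    """Constructed readings (not the thesis dataset): 60 normal rows, then 20 flood rows."""
    rng = random.Random(seed)
    normal = ((5, 1), (1, 0.2), (2, 0.5), (40, 4))      # (mean, std dev) per axis
    flood = ((35, 2), (3, 0.3), (30, 2), (160, 8))
    return [[rng.gauss(m, s) for m, s in prof]
            for prof, n in ((normal, 60), (flood, 20)) for _ in range(n)]

def minmax(rows):
    """Scale every axis to [0, 1], the way a parallel coordinate plot draws it."""
    cols = list(zip(*rows))
    lo, hi = [min(c) for c in cols], [max(c) for c in cols]
    return [[(v - l) / (h - l) for v, l, h in zip(r, lo, hi)] for r in rows]

def nearest(p, centers):
    """Index of the center with the smallest squared Euclidean distance to p."""
    return min(range(len(centers)),
               key=lambda k: sum((a - b) ** 2 for a, b in zip(p, centers[k])))

def init_centers(rows):
    # Deterministic seeding (an assumption): rows with lowest and highest total load.
    return [list(min(rows, key=sum)), list(max(rows, key=sum))]

def kmeans(rows, iters=20):
    """Full-batch k-means for two clusters: reassign every row, then recompute means."""
    centers = init_centers(rows)
    for _ in range(iters):
        groups = [[], []]
        for r in rows:
            groups[nearest(r, centers)].append(r)
        centers = [[sum(c) / len(g) for c in zip(*g)] for g in groups]
    return centers

def minibatch_kmeans(rows, batch=16, iters=30, seed=1):
    """Mini-batch variant: update centers from a small random sample per step."""
    rng = random.Random(seed)
    centers, counts = init_centers(rows), [0, 0]
    for _ in range(iters):
        for r in rng.sample(rows, batch):
            j = nearest(r, centers)
            counts[j] += 1
            eta = 1.0 / counts[j]  # per-center learning rate shrinks with use
            centers[j] = [(1 - eta) * c + eta * v for c, v in zip(centers[j], r)]
    return centers

def label(rows, centers):
    """Cluster index per row: 0 = low-load center, 1 = high-load center."""
    return [nearest(r, centers) for r in rows]
```

Each scaled row is one polyline across the four axes; rows labelled 1 run near the top of every axis, which is the kind of visual pattern the abstract refers to.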