Learning to combat DDOS attacks

Denial of service (DOS) and distributed denial of service (DDOS) attacks on computer systems are a major concern to those charged with keeping online services running and protecting systems and those who use them. Such intrusions are difficult to thwart, although their effects are often obvious. As the names suggest, they commonly overwhelm a system so that services cannot be provided to legitimate users.

Denial of service attacks are often carried out for malicious purposes or as part of a protest against a particular service or company. An attack might also be mounted so that loopholes in the system's security open up, allowing a third party to extract information, such as user details and passwords, while the attack is underway. Such attacks may also be random, run by botnets and the like, or carried out purely for the entertainment of the perpetrator without any malign intent.

Writing in the International Journal of Business Information Systems, a team from India reviews the state of the art in how machine learning might be used to combat DOS and DDOS attacks.

Shweta Paliwal, Vishal Bharti, and Amit Kumar Mishra of the Department of Computer Science and Engineering at DIT University in Uttarakhand point out that the advent of the so-called Internet of Things means that there are many more unattended and unmonitored devices connected continuously to the internet that can be recruited to mount DDOS attacks. Fundamentally, a malicious third party can exploit vulnerabilities in protocols, such as HTTP, which serves web pages to legitimate users, to overwhelm a system. The distributed nature of such attacks means that focusing on a single source for the attack and blocking it is not possible without blocking legitimate users. Machine learning tools, however, might reveal which devices addressing the system through HTTP are not legitimate and allow a security layer to block the attack.

Paliwal, S., Bharti, V. and Mishra, A.K. (2022) ‘Machine learning combating DOS and DDOS attacks’, Int. J. Business Information Systems, Vol. 40, No. 2, pp.177–191.