Detecting Different Attack Instances of DDoS Vulnerabilities on Edge Network of Fog Computing using Gaussian Naive Bayesian Classifier

Fog computing generally uses the host's resources instead of acquiring resources from remote PC leading to less latency problems and moreover, improving the performance which makes it more competent. Distributed denials of service (DDOS) attack exhausts the existing resources which make the services inaccessible to genuine users. DDoS has deep impact on the computer networks. As a cyber-threat, it compromises the standard performance of the organization by Internet protocol (IP) spoofing, overflow of bandwidth, memory space consumption and leading to immense loss. DoS attacks are a great threat to computerized association. Primary objective of any defense system for DoS is knowledge that it exists, preferably as early prior to accumulation of attack traffic. In case of large traffic inflow to an attacked server, it is essential to categorize the legitimate acquisitions and intrusions. In this work, the authors present a model that draws out the key parameters from requests in traffic for DDoS attack recognition in fog network. It benefits from existing data, and presents competent algorithms to detect and predict most probable cases. Authors have used Bayesian Network to calculate the conditional probabilities to decide whether the new packet is normal or intruded. A log of the path of the attacker is maintained in a VHD so as to easily detect attacks that have previously occurred. Having both the systems in place, the false positives of DDoS attacks detection have decreased immensely which has been observed through the implementation of this experiment.