scholarly journals Machine Learning Based Effective Classification of Distributed Denial of Service Attacks

2019 ◽  
Vol 9 (2) ◽  
pp. 1060-1064
Keyword(s):  
Machine Learning ◽  
Denial Of Service ◽  
Supervised Machine Learning ◽  
Machine Learning Techniques ◽  
Detection Accuracy ◽  
Learning Approach ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Learning Techniques ◽  
Machine Learning Approach

Distributed Denial of Service Attack (DDoS) is a deadliest weapon which overwhelm the server or network by sending flood of packets towards it. The attack disrupts the services running on the target thereby blocking the legitimate traffic accessing its services. Various advanced machine learning techniques have been applied for detection of different types of DDoS attacks but still the attack remains a potential threat to the world. There are mainly two broad categories of machine learning techniques: supervised machine learning approach and unsupervised machine learning approach. Supervised machine learning approach requires labelled attack traffic datasets whereas unsupervised machine learning approach analyses incoming network traffic and then categorizes it. In this paper we have attempted to apply four different classifiers for the detection of DDoS attacks. The four classifiers applied are Logistic Regression, Naïve Bayes, K- Nearest Neighbor and Artificial Neural Network. The chosen classifiers provide stable results when there is a large dataset. We compared their detection accuracy on KDD dataset which is a benchmark dataset in the field of network security. This paper is novel as it explains each pre-processing step with python conversion functions and explained in detail all the classifiers and detection accuracy with their functions in python as well.

scholarly journals Machine-learning and statistical methods for DDoS attack detection and defense system in software defined networks

2021 ◽  
Author(s):  
Merlin James Rukshan Dennis
Keyword(s):  
Machine Learning ◽  
Random Forest ◽  
Statistical Approach ◽  
Denial Of Service ◽  
Attack Detection ◽  
Learning Approach ◽  
Ddos Attack ◽  
Machine Learning Approach ◽  
Ddos Detection ◽  
Ddos Attack Detection

Distributed Denial of Service (DDoS) attack is a serious threat on today’s Internet. As the traffic across the Internet increases day by day, it is a challenge to distinguish between legitimate and malicious traffic. This thesis proposes two different approaches to build an efficient DDoS attack detection system in the Software Defined Networking environment. SDN is the latest networking approach which implements centralized controller, which is programmable. The central control and the programming capability of the controller are used in this thesis to implement the detection and mitigation mechanisms. In this thesis, two designed approaches, statistical approach and machine-learning approach, are proposed for the DDoS detection. The statistical approach implements entropy computation and flow statistics analysis. It uses the mean and standard deviation of destination entropy, new flow arrival rate, packets per flow and flow duration to compute various thresholds. These thresholds are then used to distinguish normal and attack traffic. The machine learning approach uses Random Forest classifier to detect the DDoS attack. We fine-tune the Random Forest algorithm to make it more accurate in DDoS detection. In particular, we introduce the weighted voting instead of the standard majority voting to improve the accuracy. Our result shows that the proposed machine-learning approach outperforms the statistical approach. Furthermore, it also outperforms other machine-learning approach found in the literature.

scholarly journals A simulation work for generating a novel dataset to detect distributed denial of service attacks on Vehicular Ad hoc NETwork systems

2021 ◽  
Vol 17 (3) ◽  
pp. 155014772110002
Author(s):  
Fahd A Alhaidari ◽  
Alia Mohammed Alrehan
Keyword(s):  
Machine Learning ◽  
Ad Hoc Network ◽  
Ad Hoc ◽  
Denial Of Service ◽  
Vehicular Ad Hoc Network ◽  
Traffic Density ◽  
Support Vector ◽  
Denial Of Service Attacks ◽  
Distributed Denial Of Service ◽  
Network Systems

Vehicular Ad hoc NETwork is a promising technology providing important facilities for modern transportation systems. It has garnered much interest from researchers studying the mitigation of attacks including distributed denial of service attacks. Machine learning techniques, which mainly rely on the quality of the datasets used, play a role in detecting many attacks with a high level of accuracy. We conducted a comprehensive literature review and found many limitations on the datasets available for distributed denial of service attacks on Vehicular Ad hoc NETwork including the following: unavailability of online versions, an absence of distributed denial of service traffic, unrepresentative of Vehicular Ad hoc NETwork, and no information regarding the network configurations. Therefore, in this article, we proposed a novel simulation technique to generate a valid dataset called Vehicular Ad hoc NETwork distributed denial of service dataset, which is dedicated to Vehicular Ad hoc NETworks. Vehicular Ad hoc NETwork distributed denial of service dataset holds information on distributed denial of service attack traffic considering Vehicular Ad hoc NETwork architecture, traffic density, attack intensity, and nodes mobility. Well-known simulation tools such as SUMO, OMNeT++, Veins, and INET were used to ensure that all the properties of Vehicular Ad hoc NETwork have been captured. We then compared Vehicular Ad hoc NETwork distributed denial of service dataset with several studies to prove its novelty and evaluated the dataset using several machine learning models. We confirmed that studied models using this dataset achieved high accuracy above 99.5% except support-vector machine that achieved 97.3%.

scholarly journals Machine-learning and statistical methods for DDoS attack detection and defense system in software defined networks

2021 ◽  
Author(s):  
Merlin James Rukshan Dennis
Keyword(s):  
Machine Learning ◽  
Random Forest ◽  
Statistical Approach ◽  
Denial Of Service ◽  
Attack Detection ◽  
Learning Approach ◽  
Ddos Attack ◽  
Machine Learning Approach ◽  
Ddos Detection ◽  
Ddos Attack Detection

Distributed Denial of Service (DDoS) attack is a serious threat on today’s Internet. As the traffic across the Internet increases day by day, it is a challenge to distinguish between legitimate and malicious traffic. This thesis proposes two different approaches to build an efficient DDoS attack detection system in the Software Defined Networking environment. SDN is the latest networking approach which implements centralized controller, which is programmable. The central control and the programming capability of the controller are used in this thesis to implement the detection and mitigation mechanisms. In this thesis, two designed approaches, statistical approach and machine-learning approach, are proposed for the DDoS detection. The statistical approach implements entropy computation and flow statistics analysis. It uses the mean and standard deviation of destination entropy, new flow arrival rate, packets per flow and flow duration to compute various thresholds. These thresholds are then used to distinguish normal and attack traffic. The machine learning approach uses Random Forest classifier to detect the DDoS attack. We fine-tune the Random Forest algorithm to make it more accurate in DDoS detection. In particular, we introduce the weighted voting instead of the standard majority voting to improve the accuracy. Our result shows that the proposed machine-learning approach outperforms the statistical approach. Furthermore, it also outperforms other machine-learning approach found in the literature.

Sign in / Sign up

Export Citation Format

Share Document