Frequently used machine learning algorithm for detecting the distributed denial-of-service (DDoS) attacks

Author(s):  
Richa Pandey ◽  
Mahesh Banerjee
2021 ◽  
Vol 16 ◽  
pp. 584-591
Author(s):  
S. Sumathi ◽  
R. Rajesh

One of the most common attacks on the internet is the Distributed Denial of Service (DDoS) attack, which involves occupying computational resources and bandwidth to suppress services to potential clients. The attack scenario is to massively flood the target with packets. The attack is called a denial of service (DoS) if it originates from a single server, and a distributed denial of service (DDoS) if it originates from multiple servers. Control and mitigation of DDoS attacks have been a research goal for many scholars for over a decade, and they have succeeded in delivering a few major DDoS detection and protection techniques. In the current state of internet use, how quickly and early a DDoS attack can be detected in broadcast network transactions remains a key research goal. Since the development of machine learning algorithms, many potential methods of DDoS attack detection have been developed. The work presents the results of various experiments carried out using data mining and machine learning algorithms, as well as combinations of these algorithms, on the commonly available dataset named CAIDA for TCP SYN flood attack detection. This work also analyses various performance metrics such as false positive rate, precision, recall, F-measure and receiver operating characteristic (ROC) using various machine learning algorithms. One-R (OR) with an ideal FPR value of 0.05 and recall value of 0.95, decision stump (DS) with an ideal precision value of 0.93, and PART with an excellent F-measure value of 0.91 are some of the performance metric values obtained while performing TCP SYN flood attack detection.


Author(s):  
Qozeem Adeniyi Adeshina ◽  
Baidya Nath Saha

The IT space is growing in all aspects, ranging from bandwidth, storage and processing speed to machine learning and data analysis. This growth has consequently led to more cyber threats and attacks, which now require an innovative and predictive security approach that uses cutting-edge technologies in order to fight the menace. The patterns of the cyber threats will be observed so that proper analysis of different sets of data can be used to develop a model that depends on the available data. Distributed Denial of Service is one of the most common threats and attacks ravaging computing devices on the internet. This research discusses the approaches to, and the development of, machine learning classifiers to detect DDoS attacks before they eventually happen. The model is built with seven different selection techniques, each using ten machine learning classifiers. The model learns to understand normal network traffic so that it can detect ICMP, TCP and UDP DDoS traffic when it arrives. The goal is to build a data-driven, intelligent, decision-making machine learning model that uses classifiers to categorize normal and DDoS traffic using the KDD-99 dataset. Results have shown that some classifiers make very good predictions obtained within a very short time.


Proceedings ◽  
2020 ◽  
Vol 63 (1) ◽  
pp. 51
Author(s):  
Swathi Sambangi ◽  
Lakshmeeswari Gondi

The problem of identifying Distributed Denial of Service (DDoS) attacks is fundamentally a classification problem in machine learning. In relation to Cloud Computing, the task of identifying DDoS attacks is a significantly challenging problem because of the computational complexity that has to be addressed. Fundamentally, a Denial of Service (DoS) attack is an intentional attack attempted by attackers from a single source with the implicit intention of making an application unavailable to the target stakeholder. To achieve this, attackers usually stagger the network bandwidth, halting system resources and thus causing denial of access for legitimate users. Contrary to DoS attacks, in DDoS attacks the attacker makes use of multiple sources to initiate an attack. DDoS attacks are most common at the network, transport, presentation and application layers of the seven-layer OSI model. In this paper, the research objective is to study the problem of DDoS attack detection in a Cloud environment by considering the most popular CICIDS 2017 benchmark dataset and applying multiple regression analysis to build a machine learning model that predicts DDoS and Bot attacks, considering a Friday afternoon traffic log file.


Author(s):  
Arnold Ojugo ◽  
Andrew Okonji Eboka

The advent of the Internet has aided the efficient sharing of resources. It has also introduced adversaries who are today restless in their continued efforts to find an effective, non-detectable means to invade secure systems, either for fun or personal gain. They achieve these feats via the use of malware, which is both on the rise and wreaks havoc, causing heavy financial losses to users. In the upsurge to counter these escapades, users and businesses today seek means to detect these evolving behaviours and patterns of adversaries. It is also worthy of note that adversaries have evolved, changing their own structure to make signature detection somewhat unreliable and anomaly detection tedious for network administrators. Our study investigates the detection of distributed denial of service (DDoS) attacks using machine learning techniques. Results show that, although evolutionary models have been successfully implemented in the detection of DDoS, the search for optima is an inconclusive and continuous task. No single method yields better optima than hybrids. With hybrids, users must adequately resolve the issues of data conflicts arising from the dataset to be used, conflicts from the adapted statistical methods arising from data encoding, and conflicts in parameter selection to avoid model overtraining, over-fitting and over-parameterization.


A Distributed Denial of Service (DDoS) attack is a deadly weapon which overwhelms a server or network by sending a flood of packets towards it. The attack disrupts the services running on the target, thereby blocking legitimate traffic from accessing its services. Various advanced machine learning techniques have been applied to the detection of different types of DDoS attacks, but the attack still remains a potential threat to the world. There are mainly two broad categories of machine learning techniques: the supervised machine learning approach and the unsupervised machine learning approach. The supervised approach requires labelled attack traffic datasets, whereas the unsupervised approach analyses incoming network traffic and then categorizes it. In this paper we have attempted to apply four different classifiers to the detection of DDoS attacks. The four classifiers applied are Logistic Regression, Naïve Bayes, K-Nearest Neighbor and Artificial Neural Network. The chosen classifiers provide stable results when there is a large dataset. We compared their detection accuracy on the KDD dataset, which is a benchmark dataset in the field of network security. This paper is novel in that it explains each pre-processing step with Python conversion functions and explains in detail all the classifiers and their detection accuracy, with their Python functions, as well.


In a network environment, Distributed Denial of Service (DDoS) attacks render a network or server unavailable to its normal users. Application-layer Distributed Denial of Service (App-DDoS) attacks are serious issues for the web server itself. The multitude and variety of such attacks and defense approaches are overwhelming. In this paper, we analyze the different defense mechanisms for application-layer DDoS attacks and propose a new approach to defending against them using machine learning.
