Analysis and Detection of DDoS Attacks Using Machine Learning Techniques
Abstract
Over the past years, distributed denial-of-service (DDoS) attacks on Internet services and websites have dramatically increased. Several research teams have designed defensive methodologies to handle DDoS attacks. Machine learning-based solutions have enabled researchers to detect DDoS attacks with complex and dynamic patterns. In this work, a subset of the CICIDS2017 dataset, including 200K samples and 84 features, was used to analyze the features and build models. A correlation analysis and a tree-based feature importance exploration were performed in the feature engineering step. Next, decision tree and support vector machine models were trained and tested to classify samples as DDoS or Benign. The results revealed that “Flow ID,” “SYN Flag Cnt,” and “Dst IP” had the most impact on attack detection. The machine learning models classified the DDoS attacks with accuracy rates close to 100%. The decision tree models showed slightly better performance than the linear support vector machines. The results in this work closely matched those of the original paper that it set out to replicate.
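The two feature-engineering measures named in the abstract, sketched as an added example (not the paper's code): each numeric feature is scored by its Pearson correlation with the label and by the Gini impurity decrease of its best single threshold, which is how a decision tree picks its root split. The flow records are constructed, the column names "Flow Duration" and "Tot Fwd Pkts" are assumptions, and the root-split gain is a simplification of full tree-based importance.

```python
# Added example: the flow records below are constructed, not CICIDS2017 rows.
from statistics import mean, pstdev

# "SYN Flag Cnt" is named on the page; the other two column names are assumed.
FEATURES = ["SYN Flag Cnt", "Flow Duration", "Tot Fwd Pkts"]
# (feature vector, label): 1 = DDoS, 0 = Benign.
FLOWS = [
    ([1, 120, 3], 1), ([1, 95, 2], 1), ([1, 150, 4], 1),
    ([1, 80, 2], 1), ([1, 110, 3], 1), ([1, 130, 5], 1),
    ([0, 900, 12], 0), ([0, 100, 9], 0), ([0, 1500, 3], 0),
    ([1, 700, 15], 0), ([0, 1100, 4], 0), ([0, 140, 11], 0),
]

def pearson(xs, ys):
    """Pearson correlation between one feature column and the label."""
    mx, my = mean(xs), mean(ys)
    cov = mean((x - mx) * (y - my) for x, y in zip(xs, ys))
    return cov / (pstdev(xs) * pstdev(ys))

def gini(labels):
    """Gini impurity of a list of 0/1 labels (0.0 for an empty list)."""
    p = sum(labels) / len(labels) if labels else 0.0
    return 2 * p * (1 - p)

def best_split_gain(xs, ys):
    """Largest impurity decrease any threshold on this feature gives at the root."""
    best = 0.0
    for t in sorted(set(xs))[:-1]:
        left = [y for x, y in zip(xs, ys) if x <= t]
        right = [y for x, y in zip(xs, ys) if x > t]
        weighted = (len(left) * gini(left) + len(right) * gini(right)) / len(ys)
        best = max(best, gini(ys) - weighted)
    return best

def rank_features(flows=FLOWS, names=FEATURES):
    """Return ({name: (correlation, gini_gain)}, names ordered by gain)."""
    ys = [label for _, label in flows]
    scores = {}
    for i, name in enumerate(names):
        xs = [vec[i] for vec, _ in flows]
        scores[name] = (round(pearson(xs, ys), 3), round(best_split_gain(xs, ys), 3))
    order = sorted(names, key=lambda n: scores[n][1], reverse=True)
    return scores, order

if __name__ == "__main__":
    scores, order = rank_features()
    for name in order:
        print(f"{name:14s} corr={scores[name][0]:+.3f} gini_gain={scores[name][1]:.3f}")
```

On real data, string-valued columns such as "Flow ID" and "Dst IP" would need encoding before either score can be computed.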
Copyright (c) 2020 American Scientific Research Journal for Engineering, Technology, and Sciences (ASRJETS)
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.