Computer networks are subject to an unprecedented number and variety of attacks, the majority of which are distributed denial of service (DDoS) attacks. The nature and mechanisms of these attacks change continually, which makes detection and management a significant challenge. Addressing this evolving threat requires approaches that can detect and mitigate emerging attacks effectively. In this paper, we present a mechanism that not only detects the presence of a DDoS attack but also identifies the route of the attack and begins mitigation as soon as the attack is identified. The proposed approach integrates an optimized SVM classification algorithm with the Snort IPS to protect the entire network when it is subjected to a DDoS attack. The IPS allows traffic identified as legitimate to pass through the network, whereas suspect traffic is flagged and must pass through an identification system. We present the algorithm together with experimental results showing better performance than plain Snort IPS, a Probabilistic Neural Network (PNN), Back Propagation (BP), Chi-square, and PSO-SVM in terms of accuracy, exposure and specificity; the average accuracy of our method is 97 percent.
Distributed Denial of Service (DDoS) attacks, advanced persistent threats, and malware actively compromise the availability and security of Internet services. This paper therefore proposes an intelligent agent system that detects DDoS attacks using automatic feature extraction and selection. In our experiments we used the CICDDoS2019 dataset, a custom-generated dataset, and the system achieved a 99.7% improvement over state-of-the-art machine learning-based DDoS attack detection techniques. We also designed an agent-based mechanism that combines machine learning techniques with sequential feature selection. In the learning phase, the system selects the best features and reconstructs the DDoS detector agent whenever it dynamically detects DDoS attack traffic. By using the recent CICDDoS2019 custom-generated dataset together with automatic feature extraction and selection, the proposed method matches current state-of-the-art detection accuracy while processing traffic faster than the current standard.
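The two-stage design in the first abstract (a Snort-style rule flags suspect traffic, a learned classifier then decides) and the sequential feature selection in the second can be sketched together in one small Python example. This is an added illustration, not code from either paper: the flow features (packets/s, bytes/s, SYN ratio, distinct source IPs), the rule thresholds, the ten constructed training windows and the three constructed query windows are all assumptions, and a nearest-centroid classifier on z-scored features stands in for the papers' SVM so that the example runs without third-party libraries. Sequential forward selection is scored by leave-one-out accuracy, and the final pipeline is scored by accuracy, sensitivity (detection rate on attack windows) and specificity.

```python
"""Two-stage DDoS detection sketch: a threshold pre-filter (stand-in for a Snort
rate rule) gates a learned classifier whose features come from forward selection."""
from math import sqrt

FEATURES = ("pps", "bps", "syn_ratio", "unique_src")
LEGIT, DDOS = 0, 1

def flow(pps, bps, syn_ratio, unique_src):
    """Per-window summary: packets/s, bytes/s, share of SYN-only packets,
    distinct source IPs (hypothetical feature set, not CICDDoS2019 columns)."""
    return {"pps": pps, "bps": bps, "syn_ratio": syn_ratio, "unique_src": unique_src}

# Constructed training set (five legitimate, five attack windows); numbers are made up.
TRAIN = [
    (flow(50, 40_000, 0.05, 3), LEGIT),
    (flow(80, 60_000, 0.10, 5), LEGIT),
    (flow(120, 90_000, 0.08, 6), LEGIT),
    (flow(30, 20_000, 0.02, 2), LEGIT),
    (flow(200, 150_000, 0.12, 8), LEGIT),
    (flow(5_000, 400_000, 0.95, 900), DDOS),
    (flow(8_000, 300_000, 0.98, 1_500), DDOS),
    (flow(12_000, 900_000, 0.90, 2_500), DDOS),
    (flow(3_000, 200_000, 0.85, 400), DDOS),
    (flow(20_000, 1_500_000, 0.99, 5_000), DDOS),
]

def fit(rows, features):
    """Nearest-centroid model on z-scored features (stand-in for the SVM).
    Returns (mean, std, per-class centroid) over the chosen features."""
    n = len(rows)
    mu = {f: sum(x[f] for x, _ in rows) / n for f in features}
    sigma = {f: max(sqrt(sum((x[f] - mu[f]) ** 2 for x, _ in rows) / n), 1e-12)
             for f in features}  # floor avoids division by zero on a constant feature
    cent = {}
    for label in (LEGIT, DDOS):
        grp = [x for x, y in rows if y == label]
        if grp:  # a class absent from a fold simply gets no centroid
            cent[label] = {f: sum((x[f] - mu[f]) / sigma[f] for x in grp) / len(grp)
                           for f in features}
    return mu, sigma, cent

def predict(model, x):
    """Label of the nearest class centroid in z-scored feature space."""
    mu, sigma, cent = model
    def dist2(c):
        return sum(((x[f] - mu[f]) / sigma[f] - c[f]) ** 2 for f in c)
    return min(cent, key=lambda label: dist2(cent[label]))

def loo_accuracy(rows, features):
    """Leave-one-out accuracy: fit on all rows but one, predict the held-out row."""
    hits = sum(predict(fit(rows[:i] + rows[i + 1:], features), x) == y
               for i, (x, y) in enumerate(rows))
    return hits / len(rows)

def select_features(rows, candidates=FEATURES):
    """Sequential forward selection: repeatedly add the candidate that raises
    LOO accuracy the most; stop as soon as no candidate improves on the best."""
    chosen, best, remaining = [], 0.0, list(candidates)
    while remaining:
        scored = [(loo_accuracy(rows, chosen + [f]), f) for f in remaining]
        score, f = max(scored, key=lambda t: t[0])  # first of equal scores wins
        if score <= best:
            break
        chosen.append(f)
        remaining.remove(f)
        best = score
    return chosen, best

def prefilter_flags(x, pps_limit=500, syn_limit=0.5):
    """Stand-in for a Snort-style rate/ratio rule; True means 'suspect'."""
    return x["pps"] > pps_limit or x["syn_ratio"] > syn_limit

def classify(x, model):
    """Two-stage decision: unflagged traffic is passed as legitimate without
    consulting the model; flagged traffic gets the model's verdict.
    Returns (label, flagged)."""
    if not prefilter_flags(x):
        return LEGIT, False
    return predict(model, x), True

def metrics(rows, model):
    """Accuracy, sensitivity (attack detection rate) and specificity of the pipeline."""
    tp = tn = fp = fn = 0
    for x, y in rows:
        p, _ = classify(x, model)
        if y == DDOS:
            tp, fn = tp + (p == DDOS), fn + (p != DDOS)
        else:
            tn, fp = tn + (p == LEGIT), fp + (p != LEGIT)
    return {"accuracy": (tp + tn) / len(rows),
            "sensitivity": tp / (tp + fn) if tp + fn else 0.0,
            "specificity": tn / (tn + fp) if tn + fp else 0.0}

SELECTED, LOO_SCORE = select_features(TRAIN)
MODEL = fit(TRAIN, SELECTED)

# Constructed query windows that are not in the training set.
QUIET = flow(60, 45_000, 0.04, 4)              # normal: passes the pre-filter untouched
FLASH_CROWD = flow(2_000, 600_000, 0.10, 40)   # busy but legitimate: flagged, then cleared
LOW_RATE_SYN = flow(400, 30_000, 0.97, 300)    # SYN flood under the rate limit: caught by ratio
```

On this toy data the SYN ratio alone separates the training windows, so selection stops after one feature; with real captures the greedy loop would keep adding features while held-out accuracy rises. The flash-crowd window shows the path the first abstract describes: the rate rule flags it, and the classifier clears it instead of blocking a legitimate burst. The low-rate SYN flood shows why the pre-filter needs more than a packet-rate threshold. Leave-one-out accuracy on ten constructed rows says nothing about generalisation; thresholds and features must be tuned against held-out traffic before any of this gates production flows.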