A novel feature-based framework enabling multi-type DDoS attacks detection

Lu, Zhou; Zhu, Ye; Xiang, Yong; Zong, Tianrui

doi:10.1007/s11280-022-01040-3

Cited by 8 publications

(8 citation statements)

References 45 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several studies have explored the use of ML models for DDoS attack detection. For example, In the previous study [2] on different types of DDoS attacks, and a novel approach was developed to detect them using five new features derived from heterogeneous packets. These features include the rate of entropy of IP source flow, packet size and number of unreachable packets of ICMP destination.…”

Section: Literature Surveymentioning

confidence: 99%

Real-time Visualization and Classification of DDoS Attack using Supervised Learning Algorithms

R A,

G K

et al. 2024

Proceedings of the 1st International Conference on Artificial Intelligence, Communication, IoT, Data Engineering and Security,

View full text Add to dashboard Cite

With increased reliance on the Internet for various services, Distributed Denial of Service (DDoS) attacks are a major concern for organizations. DDoS attacks causes significant damage to the target system, leading to service downtime, data loss, and financial losses. To mitigate the impact of DDoS attacks, effective detection mechanisms are necessary. In this paper, a machine learning-based approach for DDoS attack detection is proposed. NSL-KDD Dataset of network traffic data containing both normal and attack traffic were used and various visualization techniques and machine learning models, including Random Forest Classifier, K-Nearest Neighbours Classifier and Logistic Regression were applied. The performance of these models was evaluated using crossvalidation and their accuracies were measured. The experimental results show that Random Forest Classifier outperforms other models with an accuracy of 99.33% before and after applying post pruning method. The experiment also focused on the false positives and false negatives and the implications of the results were discussed.

show abstract

Section: Literature Surveymentioning

confidence: 99%

Real-time Visualization and Classification of DDoS Attack using Supervised Learning Algorithms

R A,

G K

et al. 2024

Proceedings of the 1st International Conference on Artificial Intelligence, Communication, IoT, Data Engineering and Security,

View full text Add to dashboard Cite

show abstract

“…Distributed Denial of Service (DDoS) attacks exist as one of the greatest threats to the Internet [1]. These attacks consume network resources by preventing the provision of regular services [2].…”

Section: Introductionmentioning

confidence: 99%

“…These attacks are intended to make the target server inaccessible by overwhelming its resources. These resources include the CPU, memory, and network bandwidth connections [1]. DDoS attacks have become commonplace and effective due to their efficiency and concealment [2].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Comparing Metaheuristic Search Techniques in Addressing the Effectiveness of Clustering-Based DDoS Attack Detection Methods

Zeinalpour,

McElroy

2024

Electronics

View full text Add to dashboard Cite

Distributed Denial of Service (DDoS) attacks have increased in frequency and sophistication over the last ten years. Part of the challenge of defending against such attacks requires the analysis of very large volumes of data. Metaheuristic algorithms can assist in selecting relevant features from the network traffic data for use in DDoS detection models. By efficiently exploring different combinations of features, these methods can identify subsets that are informative for distinguishing between normal and attack traffic. However, identifying an optimized solution in this area is an open research question. Tuning the parameters of metaheuristic search techniques in the optimization process is critical. In this study, a switching approximation is used in a variety of metaheuristic search techniques. This approximation is used to find the best solution for the analysis of the network traffic features in either lower or upper values between 0 and 1. We compare the fine-tuning of this parameter against standard approaches and find that it is not substantially better than the BestFirst algorithm (a standard default approach for feature selection). This study contributes to the literature by testing and eliminating various fine-tuning strategies for the metaheuristic approach.

show abstract

“…There are several types of DDoS attacks that can be generated by attackers from anywhere. These attacks encompass ICMP flood, UDP flood, Ping of Death, Slowloris, Zero-day attack, Smurf, and TCP SYN flood [6]. In order to protect against DDoS attacks, a robust and effective detection strategy is crucial.…”

Section: Introductionmentioning

confidence: 99%

DDoS Classification using Combined Techniques

Yusof,

Safar,

Abdullah

et al. 2024

IJACSA

View full text Add to dashboard Cite

Now-a-days, the attacker's favourite is to disrupt a network system. An attacker has the capability to generate various types of DDoS attacks simultaneously, including the Smurf attack, ICMP flood, UDP flood, and TCP SYN flood. This DDoS issue encouraged the design of a classification technique against DDoS attacks that enter a computer network environment. The technique is called Packet Threshold Algorithm (PTA) and is combined with several machine learning to classify incoming packets that have been captured and recorded. Apart from that, the combination of techniques can differentiate between normal packets and DDoS attacks. The performance of all techniques in the research achieved high detection accuracy while mitigating the issue of a high false positive rate. The four techniques focused in this research are PTA-SVM, PTA-NB, PTA-LR and PTA-KNN. Based on the results of detection accuracy and false positive rate for all the techniques involved, it proves the PTA-KNN technique is a more effective technique in the context of detection of incoming packets whether DDoS attacks or normal packets.

show abstract

A novel feature-based framework enabling multi-type DDoS attacks detection

Cited by 8 publications

References 45 publications

Real-time Visualization and Classification of DDoS Attack using Supervised Learning Algorithms

Real-time Visualization and Classification of DDoS Attack using Supervised Learning Algorithms

Comparing Metaheuristic Search Techniques in Addressing the Effectiveness of Clustering-Based DDoS Attack Detection Methods

DDoS Classification using Combined Techniques

Contact Info

Product

Resources

About