Qualitative evaluation of denial of service datasets

Camargo, Carla O.; Faria, Elaine R.; Zarpelão, Bruno Bogaz; Miani, Rodrigo Sanches

doi:10.1145/3229345.3229394

Cited by 2 publications

(2 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As noted by both Behal et al [6] and Camargo et al [20], most of the publicly available datasets -such as DARPA 1999 [21] or CAIDA 2007 [22] -are either outdated or lack the features essential for developing detection tools. Until now, we are not aware of a comparative study of the usability of the datasets in the literature to detect DDoS attacks against CSP infrastructures.…”

Section: Datasets Selectionmentioning

confidence: 99%

Scale matters: a Comparative Study of Datasets for DDoS Attack Detection in CSP Infrastructure

Boin,

Groléat,

Guillaume

et al. 2023

2023 IEEE 12th International Conference on Cloud Networking (CloudNet)

View full text Add to dashboard Cite

Denial of Service (DoS) and Distributed Denial of Service (DDoS) are attacks designed to take down a service by exhausting its resources. Lots of research have been carried in the past decades to design efficient algorithms that can detect these attacks. However, most of the literature on DoS and DDoS detection consider the protection of a small or medium size businesses network. Usually, these networks consist in several workstations and servers protected by few firewalls that can analyze all incoming network traffic. So that the research on DoS and DDoS can be reproduced and analyzed, several datasets, reflecting this network infrastructures have been proposed in the literature. However, more and more businesses are migrating their services to the cloud and are renting servers from Cloud Service Providers (CSP). If the CSP wants to protect its customers from DoS and DDoS attacks, it must perform detection on its infrastructure. This kind of infrastructure is in no way comparable to the ones usually found in the literature. In this paper, we propose to compare publicly available state-of-the-art datasets with real network traffic captured on the infrastructure of a world-scale CSP and discuss their relevance in the context of detecting volumetric DDoS attacks on CSP infrastructure.

show abstract

Section: Datasets Selectionmentioning

confidence: 99%

Scale matters: a Comparative Study of Datasets for DDoS Attack Detection in CSP Infrastructure

Boin,

Groléat,

Guillaume

et al. 2023

2023 IEEE 12th International Conference on Cloud Networking (CloudNet)

View full text Add to dashboard Cite

show abstract

“…The classification process used random tree and the accuracy by bagging was highest among the other methods at the test phase. There are several research works in this domain that used, NSL-KDD and UNSW-NB15 datasets either separately [7][8][9][10][11] or together for comparative analysis [12][13][14][15][16][17]. A partial list of where these two datasets and their predecessors were used was presented in [17].…”

Section: Machine Learning and Cybersecuritymentioning

confidence: 99%

Enhancing Machine Learning Prediction in Cybersecurity Using Dynamic Feature Selector

Ahsan

Gomes

Chowdhury

et al. 2021

JCP

View full text Add to dashboard Cite

Machine learning algorithms are becoming very efficient in intrusion detection systems with their real time response and adaptive learning process. A robust machine learning model can be deployed for anomaly detection by using a comprehensive dataset with multiple attack types. Nowadays datasets contain many attributes. Such high dimensionality of datasets poses a significant challenge to information extraction in terms of time and space complexity. Moreover, having so many attributes may be a hindrance towards creation of a decision boundary due to noise in the dataset. Large scale data with redundant or insignificant features increases the computational time and often decreases goodness of fit which is a critical issue in cybersecurity. In this research, we have proposed and implemented an efficient feature selection algorithm to filter insignificant variables. Our proposed Dynamic Feature Selector (DFS) uses statistical analysis and feature importance tests to reduce model complexity and improve prediction accuracy. To evaluate DFS, we conducted experiments on two datasets used for cybersecurity research namely Network Security Laboratory (NSL-KDD) and University of New South Wales (UNSW-NB15). In the meta-learning stage, four algorithms were compared namely Bidirectional Long Short-Term Memory (Bi-LSTM), Gated Recurrent Units, Random Forest and a proposed Convolutional Neural Network and Long Short-Term Memory (CNN-LSTM) for accuracy estimation. For NSL-KDD, experiments revealed an increment in accuracy from 99.54% to 99.64% while reducing feature size of one-hot encoded features from 123 to 50. In UNSW-NB15 we observed an increase in accuracy from 90.98% to 92.46% while reducing feature size from 196 to 47. The proposed approach is thus able to achieve higher accuracy while significantly lowering number of features required for processing.

show abstract

Qualitative evaluation of denial of service datasets

Cited by 2 publications

References 15 publications

Scale matters: a Comparative Study of Datasets for DDoS Attack Detection in CSP Infrastructure

Scale matters: a Comparative Study of Datasets for DDoS Attack Detection in CSP Infrastructure

Enhancing Machine Learning Prediction in Cybersecurity Using Dynamic Feature Selector

Contact Info

Product

Resources

About