Machine learning approach detects DDoS attacks
DOI:
https://doi.org/10.54654/isj.v1i15.850Keywords:
DDoSt, KNN, Decision Tree, Random Forest, SVMTóm tắt
Abstract— Denial of Service attacks have been around since the dawn of the internet age. Along with the development and explosion of the Internet, denial of service attacks are also increasingly powerful and become a serious threat in cyberspace. The article aims to evaluate machine learning algorithms: K-nearest neighbor (KNN) algorithm, Decision Tree, Random Forest algorithm and Support Vector Machine (SVM) on various metrics in detecting DDoS attacks. The main objective of the paper is to analyze the algorithms, collect data and evaluate the effectiveness of the algorithms in DDoS attack detection.
Tóm tắt— Tấn công từ chối dịch vụ đã xuất hiện từ những năm khởi nguyên của thời đại internet. Song hành cùng sự phát triển và bùng nổ của mạng Internet, tấn công từ chối dịch vụ cũng ngày càng mạnh mẽ và trở thành mối đe dọa nghiêm trọngtrên không gian mạng. Bài báo hướng tới đánh giá các thuật toán học máy: Thuật toán K láng giềng gần nhất (K-nearest neighbor - KNN), cây quyết định (Decision Tree), thuật toán rừng ngẫu nhiên (Random Forest) và máy vector hỗ trợ (Support Vector Machine - SVM) trêncác chỉ số đánh giá khác nhau trong việc phát hiện các cuộc tấn công DDoS. Mục tiêuchính của bài báo nhằm phân tích các thuật toán, thu thập đánh giá dữ liệu và tiến hành so sánh hiệu quả các thuật toánvào phát hiệntấn công DDoS.
Downloads
References
. Hội thảo “Bảo vệ mạng và dữ liệu khỏi các cuộc tấn công từ chối dịch vụ (DDoS) nhằm vào các tổ chức, doanh
nghiệp” - ngày 3-5-2019, Cục An toàn Thông tin, Báo VietnamNet, tổ chức Nexusguard Limited tổ chức.
. CERT Coordination Center, “Results of the Distributedsystems Intruder Tools Workshop”, năm 1999. Software Engineering Institute.
. L. Garber, Denial-of-Service Attacks Rip the Internet”, IEEE Computer, 33(4):12–17, 2000.
. D. Dittrich, “The DoS Project’s “trinoo” Distributed Denial of Service Attack Tool”, 21 tháng 10 năm 1999.
. D. Dittrich, “The “stacheldraht” distributed denial of service attack tool”, https://staff.washington.edu/dittrich/misc/stacheldr aht.analysis/, 31 tháng 12 năm 1999.
. D. Dittrich, “The Tribe Flood Network” Distributed Denial of Service Attack Tool” https://staff.washington.edu/dittrich/misc/tfn.analy sis/, 1999.
. D. Kumar, G. Rao, M. K. Singh, and G. Satyanarayana, “A Survey of Defense Mechanisms countering DDoS
Attacks in the Network”, Intl. Journal of Advanced Research in Computer and Communication Engineering, 2:2599–2606, tháng 7 năm 2013.
. Swathi Sambangi và Lakshmeeswari Gondi, “A Machine Learning Approach for DDoS (Distributed Denial of Service) Attack Detection Using Multiple Linear Regression” trong hội thảo quốc tế INTER- ENG 2020 Interdisciplinarity in Engineering lần thứ 14 tại Mures, Romania, 08/9/2020.
. P Sangkatsanee, N Wattanapongsakorn and C Charnsripinyo, “Practical real-time intrusion detection using machine learning approaches”, ELSEVIER Computer Communications 34(2011) 2227-2235.
. I Sofi, A Mahajan and V Mansotra, “Machine Leaming Techniques used for the Detection and Analysis ofn Modem Types of DDoS Attacks”, International Research Journal of Engineering and Technology (IRJET), Tập:04, tháng 06/2007.
Mahadev, V Kumar and H Sharma, “Detection and Analysis of DDoS Attack at Application Layer Using Naive Bayes Classifier”, Intemational Journal of Computer Engineering & Technology (IJCET), tập 9, 2018, pp. 208-217, Article IICET_09_03_025.
. S Duque, M Nizam bin Omar, “Using Data Mining Algorithms for developing a Model for Intrusion Detection System (IDS)”, ELSEVIER Procedia Computer Science 61 (2015) 46-51.
Downloads
Published
How to Cite
Issue
Section
License
Proposed Policy for Journals That Offer Open Access
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
Proposed Policy for Journals That Offer Delayed Open Access
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication, with the work [SPECIFY PERIOD OF TIME] after publication simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
