Predict And Prevent DDOS Attacks Using Machine Learning and Statistical Algorithms
- URL: http://arxiv.org/abs/2308.15674v1
- Date: Wed, 30 Aug 2023 00:03:32 GMT
- Title: Predict And Prevent DDOS Attacks Using Machine Learning and Statistical Algorithms
- Authors: Azadeh Golduzian,
- Abstract summary: This study uses several machine learning and statistical models to detect DDoS attacks from traces of traffic flow.
The XGboost machine learning model provided the best detection accuracy of (99.9999%) after applying the SMOTE approach to the target class.
- Score: 0.0
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: A malicious attempt to exhaust a victim's resources to cause it to crash or halt its services is known as a distributed denial-of-service (DDoS) attack. DDOS attacks stop authorized users from accessing specific services available on the Internet. It targets varying components of a network layer and it is better to stop into layer 4 (transport layer) of the network before approaching a higher layer. This study uses several machine learning and statistical models to detect DDoS attacks from traces of traffic flow and suggests a method to prevent DDOS attacks. For this purpose, we used logistic regression, CNN, XGBoost, naive Bayes, AdaBoostClassifier, KNN, and random forest ML algorithms. In addition, data preprocessing was performed using three methods to identify the most relevant features. This paper explores the issue of improving the DDOS attack detection accuracy using the latest dataset named CICDDoS2019, which has over 50 million records. Because we employed an extensive dataset for this investigation, our findings are trustworthy and practical. Our target class (attack class) was imbalanced. Therefore, we used two techniques to deal with imbalanced data in machine learning. The XGboost machine learning model provided the best detection accuracy of (99.9999%) after applying the SMOTE approach to the target class, outperforming recently developed DDoS detection systems. To the best of our knowledge, no other research has worked on the most recent dataset with over 50 million records, addresses the statistical technique to select the most significant feature, has this high accuracy, and suggests ways to avoid DDOS attackI.
Related papers
- A Flow is a Stream of Packets: A Stream-Structured Data Approach for DDoS Detection [32.22817720403158]
We propose a new tree-based DDoS detection approach that operates on a flow as a stream structure.
Our approach matches or exceeds existing machine learning techniques' accuracy, including state-of-the-art deep learning methods.
arXiv Detail & Related papers (2024-05-12T09:29:59Z) - Digital Twin-Enabled Intelligent DDoS Detection Mechanism for Autonomous
Core Networks [13.49717874638757]
Existing distributed denial of service attack (DDoS) solutions cannot handle highly aggregated data rates.
This article proposes a digital twin-enabled intelligent DDoS detection mechanism using an online learning method for autonomous systems.
arXiv Detail & Related papers (2023-10-19T17:19:38Z) - My Brother Helps Me: Node Injection Based Adversarial Attack on Social Bot Detection [69.99192868521564]
Social platforms such as Twitter are under siege from a multitude of fraudulent users.
Due to the structure of social networks, the majority of methods are based on the graph neural network(GNN), which is susceptible to attacks.
We propose a node injection-based adversarial attack method designed to deceive bot detection models.
arXiv Detail & Related papers (2023-10-11T03:09:48Z) - A Novel Supervised Deep Learning Solution to Detect Distributed Denial
of Service (DDoS) attacks on Edge Systems using Convolutional Neural Networks
(CNN) [0.41436032949434404]
This project presents a novel deep learning-based approach for detecting DDoS attacks in network traffic.
The algorithm employed in this study exploits the properties of Convolutional Neural Networks (CNN) and common deep learning algorithms.
The results of this study demonstrate the effectiveness of the proposed algorithm in detecting DDOS attacks, achieving an accuracy of.9883 on 2000 unseen flows in network traffic.
arXiv Detail & Related papers (2023-09-11T17:37:35Z) - Poisoning Web-Scale Training Datasets is Practical [73.34964403079775]
We introduce two new dataset poisoning attacks that intentionally introduce malicious examples to a model's performance.
First attack, split-view poisoning, exploits the mutable nature of internet content to ensure a dataset annotator's initial view of the dataset differs from the view downloaded by subsequent clients.
Second attack, frontrunning poisoning, targets web-scale datasets that periodically snapshot crowd-sourced content.
arXiv Detail & Related papers (2023-02-20T18:30:54Z) - Black-box Dataset Ownership Verification via Backdoor Watermarking [67.69308278379957]
We formulate the protection of released datasets as verifying whether they are adopted for training a (suspicious) third-party model.
We propose to embed external patterns via backdoor watermarking for the ownership verification to protect them.
Specifically, we exploit poison-only backdoor attacks ($e.g.$, BadNets) for dataset watermarking and design a hypothesis-test-guided method for dataset verification.
arXiv Detail & Related papers (2022-08-04T05:32:20Z) - Filtering DDoS Attacks from Unlabeled Network Traffic Data Using Online
Deep Learning [7.683035842994701]
DDoS attacks are simple, effective, and still pose a significant threat even after more than two decades.
There are challenges in adopting deep learning solutions due to the ever-changing profiles, the lack of labeled data, and constraints in the online setting.
In this paper, we propose two frameworks that utilize both the historic $mathcal N$ and the mixture $mathcal M$ traffic obtained during attacks.
arXiv Detail & Related papers (2020-12-12T12:39:05Z) - Knowledge-Enriched Distributional Model Inversion Attacks [49.43828150561947]
Model inversion (MI) attacks are aimed at reconstructing training data from model parameters.
We present a novel inversion-specific GAN that can better distill knowledge useful for performing attacks on private models from public data.
Our experiments show that the combination of these techniques can significantly boost the success rate of the state-of-the-art MI attacks by 150%.
arXiv Detail & Related papers (2020-10-08T16:20:48Z) - Witches' Brew: Industrial Scale Data Poisoning via Gradient Matching [56.280018325419896]
Data Poisoning attacks modify training data to maliciously control a model trained on such data.
We analyze a particularly malicious poisoning attack that is both "from scratch" and "clean label"
We show that it is the first poisoning method to cause targeted misclassification in modern deep networks trained from scratch on a full-sized, poisoned ImageNet dataset.
arXiv Detail & Related papers (2020-09-04T16:17:54Z) - Anomaly Detection-Based Unknown Face Presentation Attack Detection [74.4918294453537]
Anomaly detection-based spoof attack detection is a recent development in face Presentation Attack Detection.
In this paper, we present a deep-learning solution for anomaly detection-based spoof attack detection.
The proposed approach benefits from the representation learning power of the CNNs and learns better features for fPAD task.
arXiv Detail & Related papers (2020-07-11T21:20:55Z) - Detecting Network Anomalies using Rule-based machine learning within
SNMP-MIB dataset [0.5156484100374059]
This paper developed a network traffic system that relies on adopted dataset to differentiate the DOS attacks from normal traffic.
The detection model is built with five Rule-based machine learning classifiers (DecisionTable, JRip, OneR, PART and ZeroR)
arXiv Detail & Related papers (2020-01-18T13:05:41Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.