
Detecting DDoS Attacks Using Machine Learning Techniques and Contemporary Intrusion Detection Dataset

Automatic Control and Computer Sciences

Abstract

Recent trends show that DDoS attacks account for the majority of network attacks overall. Networks struggle to distinguish legitimate flows from malicious ones. Testing and implementing DDoS strategies is not easy because of factors such as the complexity, rigidity, cost, and vendor-specific architecture of current networking equipment and protocols. Machine Learning (ML) models are being applied to detect DDoS attacks, but which ML model is best among the available choices is still an open question. This work is motivated by two research questions: 1) Which supervised learning algorithm gives the best outcomes for detecting DDoS attacks? 2) What accuracy do these algorithms achieve when trained on a real-life dataset? We achieved more than 96% accuracy with the Random Forest Classifier and validated our results using two metrics. The outcome was also compared with other works to confirm its adequacy. We also present a detailed analysis to support our findings.



Author information


Correspondence to Naveen Bindra or Manu Sood.

Ethics declarations

The authors declare that there is no conflict of interest regarding the publication of this paper.

About this article


Cite this article

Naveen Bindra, Manu Sood. Detecting DDoS Attacks Using Machine Learning Techniques and Contemporary Intrusion Detection Dataset. Aut. Control Comp. Sci. 53, 419–428 (2019). https://doi.org/10.3103/S0146411619050043

  • DOI: https://doi.org/10.3103/S0146411619050043
