| Title | Detection of DDoS Attack and Classification Using a Hybrid Approach |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Nandi, S., Phadikar, S., Majumder, K. |
| Conference Name | 2020 Third ISEA Conference on Security and Privacy (ISEA-ISAP) |
| Keywords | Bayes Net classifiers, Classifiers., cloud computing, Cloud Security, composability, computer network security, cross-validation, DDoS Attack, DDoS attack detection, DDoS category, DDoS detection, DDoS detection rate, decision table, discretize dataset, feature selection, Human Behavior, hybrid feature selection method, J48 classifier, KDD DDoS dataset, learning (artificial intelligence), machine learning, machine learning classifiers, Metrics, Naive Bayes Classifiers, naive Bayes methods, NSL DDoS dataset, NSL KDD dataset, pattern classification, pubcrawl, Random Forest, random forests, resilience, Resiliency, security of data, selected DDoS packets, weka tool |
| Abstract | In the area of cloud security, detection of DDoS attack is a challenging task such that legitimate users use the cloud resources properly. So in this paper, detection and classification of the attacking packets and normal packets are done by using various machine learning classifiers. We have selected the most relevant features from NSL KDD dataset using five (Information gain, gain ratio, chi-squared, ReliefF, and symmetrical uncertainty) commonly used feature selection methods. Now from the entire selected feature set, the most important features are selected by applying our hybrid feature selection method. Since all the anomalous instances of the dataset do not belong to DDoS category so we have separated only the DDoS packets from the dataset using the selected features. Finally, the dataset has been prepared and named as KDD DDoS dataset by considering the selected DDoS packets and normal packets. This KDD DDoS dataset has been discretized using discretize tool in weka for getting better performance. Finally, this discretize dataset has been applied on some commonly used (Naive Bayes, Bayes Net, Decision Table, J48 and Random Forest) classifiers for determining the detection rate of the classifiers. 10 fold cross validation has been used here for measuring the robustness of the system. To measure the efficiency of our hybrid feature selection method, we have also applied the same set of classifiers on the NSL KDD dataset, where it gives the best anomaly detection rate of 99.72% and average detection rate 98.47% similarly, we have applied the same set of classifiers on NSL DDoS dataset and obtain the average DDoS detection of 99.01% and the best DDoS detection rate of 99.86%. In order to compare the performance of our proposed hybrid method, we have also applied the existing feature selection methods and measured the detection rate using the same set of classifiers. Finally, we have seen that our hybrid approach for detecting the DDoS attack gives the best detection rate compared to some existing methods. |
| DOI | 10.1109/ISEA-ISAP49340.2020.234999 |
| Citation Key | nandi_detection_2020 |
Detection of DDoS Attack and Classification Using a Hybrid Approach