Detection of different types of distributed denial of service attacks using multiple features of entropy and sequential probabilities ratio test
Main Authors: | , , , , |
---|---|
Format: | Article |
Published: | Taylor's University 2023 |
Online Access: | http://psasir.upm.edu.my/id/eprint/107252/ https://jestec.taylors.edu.my/V18Issue2.htm |
Summary: | Distributed Denial of Service (DDoS) attacks are among the most dangerous attacks targeting public servers. They are difficult for victims to detect because DDoS attacks can be launched remotely and reflected by legitimate users in the network toward a specific victim. The goal of this research is to locate the compromised interface and identify different types of DDoS attacks, especially the most recent kinds. A multiple-feature Entropy and Sequential Probabilities Ratio Test (E-SPRT) approach was proposed and implemented to detect different types of DDoS attacks. CICFlowMeter was used to produce bidirectional network flows and extract 82 different features from each flow. Multiple-feature E-SPRT divides incoming flows into fixed groups, each containing the same number of flows, called the window size. The CICDDoS2019 dataset was chosen for this research because it contains various kinds of recent attacks. The performance of all E-SPRT features was tested with a confusion matrix and compared with other higher-accuracy techniques. Finally, the implemented model with different features detects most up-to-date DDoS attacks and achieves an accuracy and detection rate almost over 99%. |