7 research outputs found

    COMPARATIVE STUDY OF DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACK DETECTION IN COMPUTER NETWORKS

    Distributed Denial of Service (DDoS) attack is an internet crime that aims to consume server resources so that the server becomes unusable. Suricata, Snort and Wireshark are useful software applications for detecting DDoS attacks. This study aims to compare the performance of the Snort, Suricata and Wireshark applications in detecting Distributed Denial of Service attacks. The comparison parameters used are the total attacks that can be detected and memory usage. The types of attack used in testing are SYN flood and ping of death. The research results show that Suricata was the most effective application in this study compared to Snort and Wireshark. Suricata excels in memory usage in the two types of attacks performed with the percentage of memory usage being 0.1891 GB (4.975%) during SYN flood attacks and 0.00114 GB (0.03%) during ping of death attacks. Suricata also excels in the percentage of the total number of detected ping of death attacks, namely 86,472%.

    Enhancement of detection mechanisms for HTTP based DoS/DDoS attacks

    DoS (Denial of Service) and DDoS (Distributed Denial of Service) attacks are some of the vicious network layer attacks present in the world. More than 5.4 million DDoS attacks were reported in the first half of 2021. The HTTP-based DoS and DDoS attack, a type of DoS and DDoS attack, is a threat to web applications as it brings damage to the application and the business. This paper sheds light on the current detection mechanisms of HTTP-based DoS and DoS attacks and the limitations identified in these detection mechanisms. This paper focuses on the mitigation strategies for HTTP-based DoS and DDoS attacks. It is imperative to create efficient solutions to defend against such cyber-attacks and ensure proper network security in workplaces.

    A Review on Cybersecurity based on Machine Learning and Deep Learning Algorithms

    Machine learning (ML) and Deep Learning (DL) techniques have been widely applied to areas like image processing and speech recognition so far. Likewise, ML and DL play a critical role in detection and prevention in the field of cybersecurity. In this review, we focus on recent ML and DL algorithms that have been proposed in cybersecurity, network intrusion detection, and malware detection. We also discuss key elements of cybersecurity, the main principle of information security and the most common methods used to threaten cybersecurity. Finally, concluding remarks are discussed, including the possible research topics that can be taken into consideration to enhance various cybersecurity applications using DL and ML algorithms.

    Comprehensive Review of Artificial Intelligence and Statistical Approaches in Distributed Denial of Service Attack and Defense Methods

    No full text

    Addressing High False Positive Rates of DDoS Attack Detection Methods

    Distributed denial of service (DDoS) attack detection methods based on the clustering method are ineffective in detecting attacks correctly. Service interruptions caused by DDoS attacks impose concerns for IT leaders and their organizations, leading to financial damages. Grounded in the cross industry standard process for data mining framework, the purpose of this ex post facto study was to examine whether adding the filter and wrapper methods prior to the clustering method is effective in terms of lowering false positive rates of DDoS attack detection methods. The population of this study was 225,745 network traffic data records of the CICIDS2017 network traffic dataset. The 10-fold cross validation method was applied to identify effective DDoS attack detection methods. The results of the 10-fold cross validation method showed that in some instances, addition of the filter and wrapper methods prior to the clustering method was effective in terms of lowering false positive rates of DDoS attack detection methods; in some instances, it was not. A recommendation to IT leaders is to deploy the effective DDoS attack detection method that produced the lowest false positive rate of 0.013 in detecting attacks outside of demilitarized zones to identify attacks directly from the Internet. Implications for positive social change are potentially in enabling organizations to protect their systems and provide uninterrupted services to their communities with reduced financial damages.