4 research outputs found

    Intelligent feature selection using particle swarm optimization algorithm with a decision tree for DDoS attack detection

    The explosive development of information technology is driving a rise in cyber-attacks. The distributed denial of service (DDoS) attack is a malicious threat to the modern cyber-security world, which causes performance disruption to network servers. It is a pernicious type of attack that can forward a large amount of traffic to damage one or all of a target’s resources simultaneously and prevents authenticated users from accessing network services. The paper aims to select the least number of relevant DDoS attack detection features by designing an intelligent wrapper feature selection model that utilizes a binary particle swarm optimization algorithm with a decision tree classifier. In this paper, the binary particle swarm optimization algorithm is used to resolve discrete optimization problems such as feature selection, and the decision tree classifier is used as a performance evaluator to evaluate the wrapper model’s accuracy using the selected features from the network traffic flows. The model’s intelligence is indicated by selecting 19 convenient features out of the 76 features of the dataset. The experiments were accomplished on a large DDoS dataset. The optimal selected features were evaluated with different machine learning algorithms using performance measurement metrics (accuracy, recall, precision, and F1-score) to detect DDoS attacks. The proposed model showed a high accuracy rate: decision tree classifier 99.52%, random forest 96.94%, and multi-layer perceptron 90.06%. Also, the paper compares the outcome of the proposed model with previous feature selection models in terms of performance measurement metrics. This outcome will be useful for improving DDoS attack detection systems based on machine learning algorithms. It can also probably be applied to other research topics such as DDoS attack detection in the cloud environment and DDoS attack mitigation systems.

    Feature Selection with Information Gain to Improve DDoS Attack Detection Using Random Forest

    The current challenge in attack detection is the large and diverse volume of traffic and the emergence of new types of attack, so new techniques are needed to improve detection performance. The rapid development of communication service technology produces traffic carrying diverse information. Fundamentally, not all of the information in network traffic is used to detect attacks such as DDoS. This study aims to improve the performance of Random Forest in detecting DDoS attacks through feature selection using the Information Gain technique. The experimental results show that the proposed technique is able to increase DDoS detection accuracy up to 99.99% with a false alarm rate of 0.00

    DDoS: DeepDefence and Machine Learning for identifying attacks

    Distributed Denial of Service (DDoS) attacks are a very common type of computer attack in the world of the internet today. Automatically detecting such DDoS attack packets and dropping them before they pass through the network is the best prevention method. Conventional solutions only monitor and provide a feedforward solution instead of feedback machine-based learning. A deep neural network design has been suggested in this work, and developments have been made on proactive detection of attacks. In this approach, high-level features are extracted for representation and inference of the dataset. Experiments have been conducted based on the ISCX dataset published in 2017, 2018 and CICDDoS2019, and a program has been developed in Matlab R17b, utilizing Wireshark for feature extraction from the datasets. Network intrusion attacks on critical oil and gas industrial installations have become common nowadays, which in turn bring giant industrial sites to a standstill and cause financial impacts. This has made production companies start investing millions of dollars of revenue to protect their critical infrastructure from such attacks with the active and passive solutions available. Our thesis constitutes a contribution to this domain, focusing mainly on security of industrial networks, impersonation and attacking with DDoS.

    Efficient Classification of DDoS Attacks Using an Ensemble Feature Selection Algorithm
