On detecting distributed denial of service attacks using fuzzy inference system

Nowadays, attackers are constantly targeting the modern aspects of technology and attempting to abuse these technologies using different attacks types such as the distributed denial of service attack (DDoS). Therefore, protecting web services is not an easy task. There is a critical demand to detect and prevent DDoS attacks. This paper introduces a fuzzy inference-based anomaly-based intrusion detection (IDS) system to detect DDoS attacks. The aim of using the fuzzy inference system is to avoid binary decisions and, meanwhile, to avoid the issues associated with the deficiencies of IDS alert system awareness. This benefit could improve the IDS alert system's robustness and effectively produce more readable and understandable IDS alerts. The proposed detection model was applied to a recent open-source DDoS dataset. At the early stage of designing the proposed detection model, the DDoS dataset was preprocessed using the Info-gain features selection algorithm to deal with the relevant features only and reduce the complexity of the fuzzy inference system. The proposed detection model was tested, evaluated, and obtained a 96.25% accuracy rate and a false-positive rate of 0.006%. Moreover, it effectively smoothes the boundaries between normal and DDoS traffic. In addition, the results obtained from the proposed detection model were compared with other literature results. The results indicated that the detection accuracy of this work is competitive with other methods. In addition to this, this work offers more elements of trust in DDoS attack detection by following the strategy to avoid the binary decision and offering the required extension of the binary decision to the continuous space; hence, the attack level could be easily measured.