A Novel Distributed Semi-Supervised Approach for Detection of Network Based Attacks

In today's communications world Internet has become backbone of services and applications. However, its tremendous success has made it vulnerable to attacks by malicious users as well. Various kinds of network based attacks, like Distributed Denial of Service, Spam based attacks, Botnets based attacks, Malwares, etc. are launched causing denial of services to its legitimate users. Detection of malicious packet traces in the network traffic has always proved to be challenging task due to its high volume and velocity. Both academicians and researchers have worked on techniques for timely detection and mitigation of these attacks. Due to ever changing behavior of these attacks anomaly based detection techniques have proved to be more successful. They however suffer from high false detection rates. Semi-supervised techniques based on traditional machine learning algorithms have efficient. But raw network traffic detection using machine learning been found to be highly is unlabeled and attack algorithms needs labeled datasets. It therefore is required to provide a framework that can be used to handle large packet traces for conversion to labelled data to be further processed by classification algorithms. In this paper work has been done to label the data using K-Means clustering in distributed framework and comparison of classification techniques names Decision Tree and Random Forest.