Machine Learning Based DDoS Attack Detection

Distributed denial of service attack has more risk especially in the field of cyber security. The DDoS attack usually arises from the application layer or the network layer where the victims system and the attackers system are interconnected in a network. The effects of these attacks may vary from causing significant failures at the aimed servers to causing inconvenience for users to use a particular service. The DDoS attack brings reputation damage, productivity loss, revenue loss, and even theft for huge business firms and also for banking sectors. Hence there is a need for a good distributed denial detection and prevention technique. The major goal is to deliver optimum solution for these problems using feature analysis. When a heavy traffic flow is experienced at the targeted server, it is important to classify them as an attack or legitimate access. Therefore a novel method has been proposed for the detection of Distributed denial of service attacks through the traces in the traffic flow. A confusion matrix has been generated from these traces. Two classifiers namely Naive Bayes and Random Forest are used to classify the traffic as abnormal or normal, using the normal and attack profile obtained from existing datasets. Naive Bayes algorithm gives better results than Random Forest algorithm.