Critical review of machine learning approaches to apply big data analytics in DDoS forensics

    Research output: Chapter in Book/Report/Conference proceeding; Conference Paper published in Proceedings; peer-review

    28 Citations (Scopus)

    Abstract

    Distributed Denial of Service (DDoS) attacks are becoming more frequent and easier to execute. The sharp increase in network traffic presents challenges for conducting DDoS forensics. Although different tools have been developed, few take the increase in network traffic into account. This research aims to recommend the best learning model for DDoS forensics. To this end, the paper reviewed the literature to understand the challenges and opportunities of employing big data in DDoS forensics. Multiple simulations were carried out to compare the performance of different models. Two data mining tools, WEKA and H2O, were used to implement both supervised and unsupervised learning models. The models were trained and tested on the intrusion dataset from oN-Line System - Knowledge Discovery & Data mining (NSL-KDD). The models were then evaluated according to their efficiency and accuracy. Overall, the results show that supervised learning algorithms perform better than unsupervised learning algorithms. Naïve Bayes, Gradient Boosting Machine and Distributed Random Forest were found to be the most suitable models for DDoS detection because of their accuracy and the time taken to train them. Both Gradient Boosting Machine and Distributed Random Forest were further investigated to determine the parameters that can yield better accuracy. Future research can extend this work by installing different DDoS detection models in an actual environment and comparing their performance in actual attacks.
    Original language: English
    Title of host publication: 2018 International Conference on Computer Communication and Informatics, ICCCI 2018
    Place of Publication: Piscataway, NJ
    Publisher: IEEE, Institute of Electrical and Electronics Engineers
    Pages: 1-5
    Number of pages: 5
    ISBN (Electronic): 978-1-5386-2238-4
    ISBN (Print): 978-1-5386-2239-1
    Publication status: Published - 23 Aug 2018
    Event: 8th International Conference on Computer Communication and Informatics, ICCCI 2018 - Coimbatore, India
    Duration: 4 Jan 2018 to 6 Jan 2018

    Conference

    Conference: 8th International Conference on Computer Communication and Informatics, ICCCI 2018
    Country/Territory: India
    City: Coimbatore
    Period: 4/01/18 to 6/01/18
