Critical review of machine learning approaches to apply big data analytics in DDoS forensics

Research output: Chapter in Book/Report/Conference proceeding; Conference Paper published in Proceedings; peer-review

Abstract

Distributed Denial of Service (DDoS) attacks are becoming more frequent and easier to execute. The sharp increase in network traffic presents challenges for conducting DDoS forensics. Although different tools have been developed, few take the increase in network traffic into account. This research aims to recommend the best learning model for DDoS forensics. To this end, the paper reviewed the literature to understand the challenges and opportunities of employing big data in DDoS forensics. Multiple simulations were carried out to compare the performance of different models. Two data mining tools, WEKA and H2O, were used to implement both supervised and unsupervised learning models. The training and testing of the models made use of the intrusion dataset from oN-Line System - Knowledge Discovery & Data mining (NSL-KDD). The models were then evaluated according to their efficiency and accuracy. Overall, the results show that supervised learning algorithms perform better than unsupervised learning algorithms. It was found that Naïve Bayes, Gradient Boosting Machine and Distributed Random Forest are the most suitable models for DDoS detection because of their accuracy and the time taken to train them. Both Gradient Boosting Machine and Distributed Random Forest were further investigated to determine the parameters that can yield better accuracy. Future research can be extended by installing different DDoS detection models in an actual environment and comparing their performance in actual attacks.
Original language: English
Title of host publication: 2018 International Conference on Computer Communication and Informatics, ICCCI 2018
Place of Publication: Piscataway, NJ
Publisher: IEEE, Institute of Electrical and Electronics Engineers
Pages: 1-5
Number of pages: 5
ISBN (Electronic): 978-1-5386-2238-4
ISBN (Print): 978-1-5386-2239-1
Publication status: Published - 23 Aug 2018
Event: 8th International Conference on Computer Communication and Informatics, ICCCI 2018 - Coimbatore, India
Duration: 4 Jan 2018 to 6 Jan 2018

Conference

Conference: 8th International Conference on Computer Communication and Informatics, ICCCI 2018
Country/Territory: India
City: Coimbatore
Period: 4/01/18 to 6/01/18
