DDoS Attack Detection Using Heuristics Clustering Algorithm and Naïve Bayes Classification

Authors: Sharmila Bista, Roshan Chitrakar

ABSTRACT
In recent times among the multitude of attacks present in network system, DDoS attacks have emerged to be the attacks with the most devastating effects. The main objective of this paper is to propose a system that effectively detects DDoS attacks appearing in any networked system using the clustering technique of data mining followed by classification. This method uses a Heuristics Clustering Algorithm (HCA) to cluster the available data and Naïve Bayes (NB) classification to classify the data and detect the attacks created in the system based on some network attributes of the data packet. The clustering algorithm is based in unsupervised learning technique and is sometimes unable to detect some of the attack instances and few normal instances, therefore classification techniques are also used along with clustering to overcome this classification problem and to enhance the accuracy. Naïve Bayes classifiers are based on very strong independence assumptions with fairly simple construction to derive the conditional probability for each relationship. A series of experiment is performed using “The CAIDA UCSD DDoS Attack 2007 Dataset” and “DARPA 2000 Dataset” and the efficiency of the proposed system has been tested based on the following performance parameters: Accuracy, Detection Rate and False Positive Rate and the result obtained from the proposed system has been found that it has enhanced accuracy and detection rate with low false positive rate.

Source:

Journal: Journal of Information Security
DOI: 10.4236/jis.2018.91004 (PDF)
Paper Id: 81174 (metadata)

See also: Comments to Paper

About scirp

(SCIRP: http://www.scirp.org) is an academic publisher of open access journals. It also publishes academic books and conference proceedings. SCIRP currently has more than 200 open access journals in the areas of science, technology and medicine. Readers can download papers for free and enjoy reuse rights based on a Creative Commons license. Authors hold copyright with no restrictions. SCIRP calculates different metrics on article and journal level. Citations of published papers are shown based on Google Scholar and CrossRef. Most of our journals have been indexed by several world class databases. All papers are archived by PORTICO to guarantee their availability for centuries to come.
This entry was posted in JIS. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *