In today's evolving cybersecurity landscape, distributed denial-of-service (DDoS) attacks have become one of the most prolific and costly threats. Their capability to incapacitate network services while causing millions of dollars in damages has made effective DDoS detection and prevention imperative for businesses and government entities alike. Prior research has found shallow and deep learning classifiers to be invaluable in detecting DDoS attacks; however, there is an absence of research concerning time-based features and classification among many DDoS attack types. In this article, we propose and study the efficacy of 25 time-based features to detect and classify 12 types of DDoS attacks using binary and multiclass classification. Furthermore, we ran experiments to compare the performance of eight traditional machine learning classifiers and one deep learning classifier using two different scenarios. Our findings show that the majority of models provided ∼99% accuracy on both the control and time-based experiments in detecting DDoS attacks while yielding ∼70% accuracy in classifying specific DDoS attack types. Training on the proposed time-based feature subset was found to be effective at reducing training time without compromising test accuracy; thus, the smaller time-based feature subset alone is beneficial for near-real-time applications that incorporate continuous learning.

INDEX TERMS: Time-based features, distributed denial of service attacks, machine learning, deep learning, multiclass, CICDDoS2019.
Anonymous network traffic is more pervasive than ever due to the accessibility of services such as virtual private networks (VPN) and The Onion Router (Tor). To address the need to identify and classify this traffic, machine and deep learning solutions have become the standard. However, high-performing classifiers often scale poorly when applied to real-world traffic classification due to the heavily skewed nature of network traffic data. Prior research has found synthetic data generation to be effective at alleviating concerns surrounding class imbalance, though a limited number of these techniques have been applied to the domain of anonymous network traffic detection. This work compares the ability of a Conditional Tabular Generative Adversarial Network (CTGAN), Copula Generative Adversarial Network (CopulaGAN), Variational Autoencoder (VAE), and Synthetic Minority Over-sampling Technique (SMOTE) to create viable synthetic anonymous network traffic samples. Moreover, we evaluate the performance of several shallow boosting and bagging classifiers as well as deep learning models on the synthetic data. Ultimately, we amalgamate the data generated by the GANs, VAE, and SMOTE into a comprehensive dataset dubbed CMU-SynTraffic-2022 for future research on this topic. Our findings show that SMOTE consistently outperformed the other upsampling techniques, improving classifiers' F1-scores over the control by ~7.5% for application type characterization. Among the tested classifiers, Light Gradient Boosting Machine achieved the highest F1-score of 90.3% on eight application types.
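The class-imbalance remedy the abstract credits with the largest gain, SMOTE, is easy to misunderstand as simple duplication of minority rows. It is not: each synthetic sample is a point on the segment between a minority sample and one of its nearest minority neighbours, so the new rows stay inside the minority class's region of feature space. The following is an added example written for this listing, not code from the paper or from the CMU-SynTraffic-2022 dataset. It implements the core SMOTE interpolation in pure Python and applies it to a small constructed flow-feature set (duration, bytes per second, packets per second) in which an assumed "Tor" class is heavily outnumbered by a "non-Tor" class; the feature set, class names and sample values are all constructed for illustration.

```python
"""Minimal SMOTE (Synthetic Minority Over-sampling Technique) in pure Python.

Added example; it is not the paper's code. The flow features and the
"Tor" / "non-Tor" labels below are constructed for illustration only.
"""
import math
import random
from collections import Counter


def euclidean(a, b):
    """Euclidean distance between two equal-length feature vectors."""
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def k_nearest(point_idx, points, k):
    """Indices of the k nearest *other* points to points[point_idx]."""
    dists = [(euclidean(points[point_idx], p), j)
             for j, p in enumerate(points) if j != point_idx]
    dists.sort()
    return [j for _, j in dists[:k]]


def smote(minority, n_synthetic, k=5, seed=0):
    """Generate n_synthetic minority samples.

    Each new sample is x_i + gap * (x_nn - x_i) for a random minority
    sample x_i, one of its k nearest minority neighbours x_nn, and a
    random gap in [0, 1); i.e. a point on the segment between the two.
    """
    rng = random.Random(seed)
    k = min(k, len(minority) - 1)  # cannot ask for more neighbours than exist
    if k < 1:
        raise ValueError("SMOTE needs at least two minority samples")
    neighbours = [k_nearest(i, minority, k) for i in range(len(minority))]
    synthetic = []
    for _ in range(n_synthetic):
        i = rng.randrange(len(minority))
        j = rng.choice(neighbours[i])
        gap = rng.random()
        synthetic.append([a + gap * (b - a)
                          for a, b in zip(minority[i], minority[j])])
    return synthetic


def class_counts(y):
    """Plain dict of label -> count, convenient for before/after comparison."""
    return dict(Counter(y))


def balance_with_smote(X, y, k=5, seed=0):
    """Upsample every minority class to the size of the majority class.

    Original rows are kept in their original order; synthetic rows are
    appended after them, class by class.
    """
    counts = Counter(y)
    target = max(counts.values())
    X_out, y_out = list(X), list(y)
    for label, n in counts.items():
        if n < target:
            members = [x for x, lbl in zip(X, y) if lbl == label]
            new = smote(members, target - n, k=k, seed=seed)
            X_out.extend(new)
            y_out.extend([label] * len(new))
    return X_out, y_out


def make_constructed_flows(seed=1):
    """Constructed, deterministic toy dataset: 20 'non-Tor' flows, 4 'Tor' flows.

    Features per row: [duration_s, bytes_per_s, packets_per_s]. The value
    ranges are invented so the two classes occupy different regions.
    """
    rng = random.Random(seed)
    X, y = [], []
    for _ in range(20):
        X.append([rng.uniform(0.1, 2.0), rng.uniform(500, 5000), rng.uniform(5, 50)])
        y.append("non-Tor")
    for _ in range(4):
        X.append([rng.uniform(5.0, 30.0), rng.uniform(50, 400), rng.uniform(1, 5)])
        y.append("Tor")
    return X, y


if __name__ == "__main__":
    X, y = make_constructed_flows()
    print("before:", class_counts(y))
    Xb, yb = balance_with_smote(X, y, k=3)
    print("after: ", class_counts(yb))
    for row in Xb[len(X):len(X) + 3]:
        print("synthetic Tor row:", [round(v, 2) for v in row])
```

Two properties are worth checking on real data as well as on this toy set: the balanced label counts are equal, and every synthetic row lies inside the bounding box of the minority class it was generated from (because it is a convex combination of two minority rows). The second check is a cheap sanity test that the oversampler is interpolating rather than extrapolating into the majority class's region, which is the failure mode that would inflate a classifier's F1-score without improving it.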