DDoS Intrusion Detection Through Machine Learning Ensemble

Das, Saikat; Mahfouz, Ahmed; Venugopal, Deepak; Shiva, Sajjan G.

doi:10.1109/qrs-c.2019.00090

Cited by 64 publications

(33 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The main reason behind the selection of these metrics for performance evaluation is that they are popularly used in the literature to evaluate the performance of classification algorithms. 52,54,58,59 Moreover, our focus is on studying the effectiveness of classifiers in terms of their capability to detect attacks. Therefore, we have chosen precision, recall, and F-measure over false alarm rate (FAR).…”

Section: Performance Indicatorsmentioning

confidence: 99%

“…The performance was measured in terms of detection rate and computational time. Das et al 52 proposed an IDS to detect the DDoS attacks that utilize a voting‐based ensemble model as a detection method. The ensemble model combines four different classifiers, that is, MLP, SVM, k ‐NN, and DT.…”

Section: Related Workmentioning

confidence: 99%

“…Thus, to study the effectiveness of the proposed system we have used accuracy, precision, recall, and F‐measure as performance indicators. The main reason behind the selection of these metrics for performance evaluation is that they are popularly used in the literature to evaluate the performance of classification algorithms 52,54,58,59 . Moreover, our focus is on studying the effectiveness of classifiers in terms of their capability to detect attacks.…”

Section: Performance Evaluationmentioning

confidence: 99%

See 2 more Smart Citations

Voting‐based intrusion detection framework for securing software‐defined networks

Swami

Dave

Ranga

2020

Concurrency and Computation

View full text Add to dashboard Cite

Software-defined networking (SDN) is an emerging paradigm in enterprise networks because of its flexible and cost-effective nature. By decoupling control and data plane, SDN can provide various defense solutions for securing futuristic networks. However, the architectural design and characteristics of SDN attract several severe attacks. Distributed denial of service (DDoS) is considered as a major destructive cyber attack that makes the services of controller unavailable for its legitimate users. In this research article, an intrusion detection framework is proposed to detect DDoS attacks against SDN. The proposed framework relies on voting-based ensemble model for the attack detection. Ensemble model is a combination of multiple machine learning classifiers for prediction of final results. In this research article, we propose and analyze three ensemble models named as Voting-CMN, Voting-RKM, and Voting-CKM particularly to benchmarking datasets such as UNSW-NB15, CICIDS2017, and NSL-KDD, respectively. For validation of the proposed models, a cross-validation technique is used with the prediction algorithms. The effectiveness of proposed models is evaluated in terms of prominent metrics (accuracy, precision, recall, and F-measure). Experimental results indicate that the proposed models achieve better performance in terms of accuracy as compared with other existing models.

show abstract

Section: Performance Indicatorsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Performance Evaluationmentioning

confidence: 99%

See 1 more Smart Citation

Voting‐based intrusion detection framework for securing software‐defined networks

Swami

Dave

Ranga

2020

Concurrency and Computation

View full text Add to dashboard Cite

show abstract

“…An IDS is supposed to have high accuracy and high detection rate.Thus, to study the effectiveness of the proposed system we have used accuracy, precision, recall, and F-measure as performance indicators. The main reason behind the selection of these metrics for performance evaluation is that they are popularly used in the literature to evaluate the performance of classification algorithms 52,54,58,59 . Moreover, our focus is on studying the effectiveness of classifiers in terms of their capability to detect attacks.…”

Section: Performance Indicatorsmentioning

confidence: 99%

“…The performance was measured in terms of detection rate and computational time. Das et al 52 proposed an IDS to detect the DDoS attacks that utilize a voting based ensemble model as a detection method. The ensemble model combines four different classifiers, i.e., MLP, SVM, K-NN, and DT.…”

mentioning

confidence: 99%

Voting based Intrusion Detection Framework for Securing Software-Defined Networks

Swami¹,

Dave²,

Ranga³

2020

Preprint

View full text Add to dashboard Cite

<div>Software-defined networking (SDN) is an emerging paradigm in enterprise networks because of its flexible and cost-effective nature. By decoupling control and data plane, SDN can provide various defense solutions for securing futuristic networks. However, the architectural design and characteristics of SDN attract several severe attacks. Distributed Denial of Service (DDoS) is considered as a major destructive cyber attack that makes the services of controller unavailable for its legitimate users. In this research paper, an intrusion detection framework is proposed to detect DDoS attacks against SDN. The proposed framework relies on voting based ensemble model for the attack detection. Ensemble model is a combination of multiple machine learning classifiers for prediction of final results. In this research paper, we propose and analyze three ensemble models named as Voting-CMN, Voting-RKM, and Voting-CKM particularly to benchmarking datasets like UNSW-NB15, CICIDS2017, and NSL-KDD, respectively. For validation of the proposed models, a cross validation technique is used with the prediction algorithms. The effectiveness of proposed models is evaluated in terms of prominent metrics (accuracy, precision, recall, and F measure). Experimental results indicate that the proposed</div><div>models achieve better performance in terms of accuracy as compared to other existing models.</div>

show abstract

An ensemble method for feature selection and an integrated approach for mitigation of distributed denial of service attacks

Chanu

Singh

Chanu

2022

Concurrency and Computation

View full text Add to dashboard Cite

Distributed denial of service attacks (DDoS) penetrate numerous computer system and implant malicious codes thereby making them ready for launching a collaborative attack. These attacks paralyze the target system mainly the web server by exhausting their network resources of the target server. The threats posed by DDoS attacks on the Internet demands for effective detection and mitigation methods of these attacks.In the paper, we proposed an integrated method for detection and mitigation of DDoS attack using machine learning and a line of defenses respectively. The detection phase consists of feature selection through ensemble feature selection algorithm and classification using machine learning algorithm. Feature selection algorithms are important as they reduce the dimension of the dataset. The selection of an efficient classification model will improve the detection rate of the proposed system. In the mitigation phase, we introduce two lines of defense to minimize the exhaustion of the victim server's resources. Using the existing dataset, we show experimentally that it is possible to detect the presence of attacks and mitigate them to a minimum level. The proposed integrated method yields an accuracy of 97.8% in detecting the attacks and able to reduce the utilization of processors upto an average of 25.95%.

show abstract

DDoS Intrusion Detection Through Machine Learning Ensemble

Cited by 64 publications

References 22 publications

Voting‐based intrusion detection framework for securing software‐defined networks

Voting‐based intrusion detection framework for securing software‐defined networks

Voting based Intrusion Detection Framework for Securing Software-Defined Networks

An ensemble method for feature selection and an integrated approach for mitigation of distributed denial of service attacks

Contact Info

Product

Resources

About