Machine Learning-Based Dynamic Attribute Selection Technique for DDoS Attack Classification in IoT Networks

A Machine Learning-Based Intrusion Detection of DDoS Attack on IoT Devices

International Journal of Advanced Trends in Computer Science and Engineering, 2021

A DDoS attack aims to prevent legitimate users from getting access to a targeted system service by exhausting the resources, bandwidth and so on. Though there are different intrusion mechanisms for detecting DDoS attacks, having an automated system that can learn the nature of the attack and instantly detect it is the reason why machine learning is used in this work. Decision tree, KNN and Naïve Bayes are the algorithms used to classify benign traffic from a DDoS attack. About nineteen different features were carefully selected from the CIC2019DDoS dataset. The DDoS attack types used for the experiment are UDP, DNS, SYN and NetBIOS. The results of the experiment indicate that Decision tree and KNN proved to be the most effective with an accuracy of 100% and 98% respectively. Naïve Bayes gave a very poor result with an accuracy of 29%.

IoT DDOS ATTACK DETECTION USING MACHINE LEARNING

2020 4th International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT), 2020

The distribution strategy of a botnet mainly directs its configuration, installing a support of bots for coming exploitation. In this article, we utilize the sources of pandemic modeling to IoT networks consisting of WSNs. We build a proposed framework to detect and abnormal defense activities. According to the impact of IoT-specific features like insufficient processing power, power limitations, and node density on the formation of a botnet, there are significant challenges. We use standard datasets for active two famous attacks, such as Mirai. We also used many machine learning and data mining algorithms such as LSVM, Neural Network, and Decision tree to detect abnormal activities such as DDOS features. In the experimental results, we found that the merge between random forest and decision tree achieved high accuracy to detect attacks.

A Comparative Analysis of Machine Learning Models for DDoS Detection in IoT Networks

Abstract: This paper presents the detection of DDoS attacks in IoT software-defined networks using machine learning models and software-defined networking (SDN) concepts for attack prevention. Their rapid growth has made them highly susceptible to various forms of cyberattacks, many of whose security procedures are implemented in an irregular manner. It evaluates the efficacy of different machine learning models, such as XGBoost, K-Nearest Neighbours, Stochastic Gradient Descent, and Naïve Bayes, in detecting DDoS attacks from normal network traffic. Each model has been explained on several performance metrics, such as accuracy, precision, recall, and F1-score, to understand the suitability of each model in real-time detection and response against DDoS IoT threats. This comparative analysis will, therefore, enumerate the unique strengths and weaknesses of each model with respect to the IoT environments that are dynamic and hence moving in nature. The effectiveness of these models is analyzed, showing how machine learning can greatly enhance IoT security frameworks, offering adaptive, efficient, and reliable DDoS detection capabilities. These findings have shown the potential of machine learning in addressing the pressing need for robust IoT security solutions that can mitigate modern cyber threats and assure network integrity.

Index Terms: DDoS detection, IoT security, machine learning, XGBoost, K-Nearest Neighbors, Stochastic Gradient Descent, Naïve Bayes, network traffic analysis, cybersecurity, anomaly detection, IoT mobile networks, real-time detection, attack mitigation, adaptive algorithms, supervised learning, classification models, predictive analytics, feature selection, data preprocessing, intrusion detection systems, model evaluation metrics

Using Machine Learning to Build a Classification Model for IoT Networks to Detect Attack Signatures

2020

Internet of things (IoT) has led to several security threats and challenges within society. Regardless of the benefits that it has brought with it to the society, IoT could compromise the security and privacy of individuals and companies at various levels. Denial of Service (DoS) and Distributed DoS (DDoS) attacks, among others, are the most common attack types that face the IoT networks. To counter such attacks, companies should implement an efficient classification/detection model, which is not an easy task. This paper proposes a classification model to examine the effectiveness of several machine-learning algorithms, namely, Random Forest (RF), k-Nearest Neighbors (KNN), and Naïve Bayes. The machine learning algorithms are used to detect attacks on the UNSW-NB15 benchmark dataset. The UNSW-NB15 contains normal network traffic and malicious traffic instants. The experimental results reveal that RF and KNN classifiers give the best performance with an accuracy of 100% (without nois...

Enhancing DDoS Attack Detection Using Machine Learning: A Framework with Feature Selection and Comparative Analysis of Algorithms

Turkish Journal of Computer and Mathematics Education (TURCOMAT), 2023

Distributed Denial of Service (DDoS) attacks are an ever-present threat to network security and can make online services hard for users to access. Conventional detection methods often struggle to effectively counter new and sophisticated DDoS attacks. This research article aims to assess the effectiveness of several machine learning methods in detecting distributed denial-of-service (DDoS) attacks. The evaluation is conducted using the DDOS attack SDN dataset, which is sourced from Google's research dataset. Various algorithms, including Random Forest, Decision Tree, Naive Bayes, and Support Vector Machine (SVM), are used for the purpose of analyzing network traffic data and detecting abnormal patterns that may indicate DDoS attacks. Results indicate that the Random Forest algorithm achieves the highest accuracy rate of 99.4% in detecting DDoS attacks. Additionally, the Decision Tree and SVM algorithms perform admirably, achieving accuracy rates of 98.8% and 98.4%, respectively. This research underscores the potential of machine learning algorithms in detecting and mitigating DDoS attacks. It emphasizes the necessity of employing advanced techniques for robust cyber threat defense and offers valuable insights into the performance of different machine learning algorithms in the context of DDoS attack detection.

IoT network security based on machine learning techniques for DDoS threats mitigations

2019

The acceptance of Internet of Things (IoT) applications and services has seen an enormous rise of interest in IoT. Organizations have begun to create various IoT based gadgets ranging from small personal devices such as a smart watch to a whole network of smart grid, smart mining, smart manufacturing, and autonomous driver-less vehicles. The overwhelming amount and ubiquitous presence have attracted potential hackers for cyber-attacks and data theft. Security is considered as one of the prominent challenges in IoT. The key scope of this research work is to propose an innovative model using machine learning algorithm to detect and mitigate botnet-based distributed denial of service (DDoS) attack in IoT network. Our proposed model tackles the security issue concerning the threats from bots. Different machine learning algorithms such as K-Nearest Neighbour (KNN), Naive Bayes model and Multi-layer Perceptron Artificial Neural Network (MLP ANN) were used to develop a model where data are trained by BoT-IoT dataset. The best algorithm was selected by a reference point based on accuracy percentage and area under the receiver operating characteristics curve (ROC AUC) score. Feature engineering and Synthetic minority oversampling technique (SMOTE) were combined with machine learning algorithms (MLAs). Performance comparison of three algorithms used was done in class imbalance dataset and on the class balanced dataset.

A Prediction and Classification Process for DDoS Attacks Using Machine Learning

IEEE, 2023

The popularity of computer networks in our daily life has grown recently as a result of the extensive use of the Internet. Due to server flaws, hackers can access computers using not only well-known attack types but also newer, more advanced, and harder to spot ones. One of the most popular defenses is the Intrusion Detection System (IDS), which uses machine learning techniques to train on a pre-collected dataset to defend computers from them. In this paper, the authors examine the present practice of Distributed Denial of Service (DDoS) attacks. DDoS attacks make use of restrictions that are applicable to any arrangement asset, such as the website's framework for an authorized organization. However, it is crucial to use the most recent dataset in order to identify the most recent DDoS activities. The authors employed an old-fashioned KDD dataset. In this research, a machine learning technique was used to identify and predict the sorts of DDoS attacks. The K Nearest Neighbor, Random Forest, and Decision Tree are three machine-learning-based IDS approaches that we propose in this paper.

Iterative Feature Selection-Based DDoS attack Prevention Approach in Cloud

International journal of electrical and computer engineering systems, 2023

Distributed Denial of Service (DDOS) attacks aim to exploit the capacity and performance of a network's infrastructure, making the cloud environment one of the biggest targets for attackers. Many efforts are being made in the field of technology to prevent them from disrupting the services provided. Machine Learning techniques are a means to protect against DDOS attacks. Data preprocessing, feature selection, and classifiers are the main components of any prevention framework. The focus of this study is to find and enhance the feature selection approach for increasing the accuracy of the classifiers in detecting DDOS attacks from regular traffic. We used four different techniques, including Pearson Correlation Coefficient (PCC), Random Forest Feature Importance (RFFI), Mutual information (MI), and Chi-squared (χ²) measure which we tested on different classifiers. The first selection approach was based on the feature's independency level then the second iteration was based on the feature's importance. We also examined the claim of dropping attacks from the dataset for better accuracy. The best performing set of features was from using PCC and RFFI together for feature selection with average accuracy and precision of 99.27% and 97.60%, which is higher than the use of PCC for both measures by almost 2%. The accuracy is also higher by nearly 12% from the same approach dropping 50% of the attacks.

Development and evaluation of a network intrusion detection system for DDoS attack detection using machine learning

Bulletin of Electrical Engineering and Informatics, 2024

Distributed denial of service (DDoS) attacks involve disrupting a target system by flooding it with an immense volume of traffic originating from numerous sources. These attacks can disrupt online services, causing financial losses and reputational damage to various organizations. To combat this threat, the proposed network intrusion detection system (NIDS) utilizes machine learning (ML) algorithms trained on the KDDCup99 dataset. This dataset encompasses a diverse array of network traffic patterns, bounded by both regular traffic and various attack types. By training the NIDS on this dataset, it becomes capable of accurately identifying DDoS attacks based on their distinctive patterns. The NIDS model is constructed using ML approaches like random forest (RF), support vector machines (SVM), and naive Bayes (NB). The developed NIDS is evaluated using performance metrics such as accuracy, precision, recall, F1-score, and receiver operating characteristic (ROC) curve. The proposed method demonstrates the NIDS’s accuracy of about 93%, precision of 99% and recall of 92% in detecting DDoS attacks, transforming it into a valuable tool for network security in comparison with the current methods. The study contributes to the domain of network security by providing an effective NIDS solution for detecting the DDoS attacks in the wireless sensor network.

Evaluation of DDoS Attacks Detection in a CICIDS2017 Dataset Based on Classification Algorithms

2018

An intrusion detection system plays an imperative role in increasing security and decreasing the harm to the computer security system and information system when using a network. It observes different events in a network or system to decide whether an intrusion is occurring or not, and it is used to make strategic decisions, for security purposes and for analyzing directions. This paper describes a host-based intrusion detection system architecture for DDoS attacks, which intelligently detects the intrusion periodically and dynamically by evaluating the intruder group respective to the present node with its neighbors. We analyze a dependable dataset named CICIDS 2017 that contains benign and DDoS attack network flows, which meets certifiable criteria and is openly accessible. It evaluates the performance of a complete arrangement of machine learning algorithms and network traffic features to indicate the best features for detecting the assured attack classes.