Activity
Time:
M.S. Project Defense: Lalita Kumawat
Date:
11:00 am –
12:00 pm
Zoom
“DDoS Attack detection using Machine Learning Techniques”
Distributed Denial of Service (DDoS) is a malicious attack to disrupt the network services on a targeted server. The compromised systems (bots) are used to overwhelm the targeted server or system with large number of malicious traffic and makes them slow and unavailable. DDoS attack mainly occurs in Network Layer (3), Transport layer (4) and Application layer (7) of OSI model (Open System Interconnection model). It’s been a challenging problem to detect DDoS attack with high accuracy even after many years of research. The traditional threshold-based method is not very effective because of the increasing complexity of DDoS attack and setting reasonable threshold values. Lots of synthetic Datasets are being created to replicate the DDoS traffic for enabling further research on identifying the DDoS attack. In recent years, there has been a rise in Machine learning based techniques to predict the normal and malicious traffic using large traffic data. In this project, we analyze the CICDDoS2019 dataset which is the result of a project between Canadian Institute of Cybersecurity (CIC) and Communication System Establishment (CSE). This is labeled dataset including different types of Reflective based and Exploitation based DDoS attacks along with the normal traffic. We propose different machine learning techniques to detect the DDoS attack. This project includes three steps. The first step is analyzing the dataset, second step is feature extraction based on Recursive Feature Elimination with Cross Validation method which helps to extract most relevant features and remove weakest features. The third step is detecting DDoS attacks using different classifiers (Decision Tree, Naive Bayes, Random Forest) where the extracted features are used as input features. We investigate these 3 different machine learning classifiers. The Decision Tree classifier achieved the best F1 score 86% with 96% precision and 78% Recall and Random Forest classifier provides F1 Score 63% and Precision 99%. The Naive Bayes classifier performs poorly among these three classifiers in terms of Precision
Committee Members:
Dr. Byrav Ramamurthy (Advisor)
Dr. Lisong Xu
Dr. Nirnimesh Ghose
Zoom: https://unl.zoom.us/j/97888844890
Meeting ID: 978 8884 4890
Distributed Denial of Service (DDoS) is a malicious attack to disrupt the network services on a targeted server. The compromised systems (bots) are used to overwhelm the targeted server or system with large number of malicious traffic and makes them slow and unavailable. DDoS attack mainly occurs in Network Layer (3), Transport layer (4) and Application layer (7) of OSI model (Open System Interconnection model). It’s been a challenging problem to detect DDoS attack with high accuracy even after many years of research. The traditional threshold-based method is not very effective because of the increasing complexity of DDoS attack and setting reasonable threshold values. Lots of synthetic Datasets are being created to replicate the DDoS traffic for enabling further research on identifying the DDoS attack. In recent years, there has been a rise in Machine learning based techniques to predict the normal and malicious traffic using large traffic data. In this project, we analyze the CICDDoS2019 dataset which is the result of a project between Canadian Institute of Cybersecurity (CIC) and Communication System Establishment (CSE). This is labeled dataset including different types of Reflective based and Exploitation based DDoS attacks along with the normal traffic. We propose different machine learning techniques to detect the DDoS attack. This project includes three steps. The first step is analyzing the dataset, second step is feature extraction based on Recursive Feature Elimination with Cross Validation method which helps to extract most relevant features and remove weakest features. The third step is detecting DDoS attacks using different classifiers (Decision Tree, Naive Bayes, Random Forest) where the extracted features are used as input features. We investigate these 3 different machine learning classifiers. The Decision Tree classifier achieved the best F1 score 86% with 96% precision and 78% Recall and Random Forest classifier provides F1 Score 63% and Precision 99%. The Naive Bayes classifier performs poorly among these three classifiers in terms of Precision
Committee Members:
Dr. Byrav Ramamurthy (Advisor)
Dr. Lisong Xu
Dr. Nirnimesh Ghose
Zoom: https://unl.zoom.us/j/97888844890
Meeting ID: 978 8884 4890