Toward an Online DoS/DDoS Classification: An Empirical Study for Network Intrusion Detection Systems
- 1 Hanoi University of Science and Technology, Vietnam
- 2 FPT Corporation, Vietnam
Abstract
In recent years, Distributed Denial of Services (DDoS) attacks have caused significant losses to industry and government due to an increasing number of devices connected to the Internet. These devices use services-over-Internet more frequently with services characterized and provided seamlessly by 5G, Cloud and Edge Computing. According to Cisco Annual Internet Report, the frequency of DoS/DDoS attacks has increased more than 2.5 times over the last 3 years and the average size of attacks is increasing steadily and approaching 1 Gbps. Therefore, there are cyber threats continuing to grow even with the development of new protection technologies. Our work is strongly motivated from with the goal to study and evaluate four Machine Learning models toward development of an Online Network Intrusion Detection System (N-IDS). This article studies on the application on three feature selection algorithms combined with four machine learning models applied to N-IDS. We have implemented performance evaluation our proposed model on three up-to-date DoS/DDoS datasets. We have shown that Feature Importance and K-Nearest Neighbors’ algorithm (KNN) can give better results in all benchmark datasets than previous work and the empirical results of all four machine learning models and three feature selection algorithms are also presented in detail.
DOI: https://doi.org/10.3844/jcssp.2021.304.318
Copyright: © 2021 Tran Hoang Hai, Nguyen Trong Khiem and Nguyen Huu Phuc. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
- 3,286 Views
- 1,426 Downloads
- 1 Citations
Download
Keywords
- DDoS
- Network Security
- Intrusion Detection
- Attack Classification