Using machine learning to classify DOS/DDOS attacks

DOI:

https://doi.org/10.30837/rt.2024.2.217.04

Keywords:

machine learning, decision trees, CICIDS2017, RF, SVM, KNN, ANN, NB, SGBoost, DOS, DDOS, classifier

Abstract

This work is motivated by the need to detect and counteract DOS/DDOS attacks, which pose a serious threat to modern information systems. These attacks cause significant economic losses and disrupt the operation of network services. The aim of the work is to confirm the hypothesis that the decision tree method performs better for detecting DOS/DDOS attacks under certain conditions.

Decision tree methods were compared with other machine learning methods (RF, SVM, KNN, ANN, NB, SGBoost) on the CICIDS2017 dataset. Decision trees showed significant improvements in attack detection accuracy through optimal hyperparameter tuning and dataset selection.

Published

2024-06-14

How to Cite

Kavetskyi, M., Sievierinov, O., Gvozdov, R., & Smirnov, A. (2024). Using machine learning to classify DOS/DDOS attacks. Radiotekhnika, 2(217), 55–63. https://doi.org/10.30837/rt.2024.2.217.04

Section

Articles