Detection and Defense Algorithms of Different Types of DDoS Attacks Using Machine Learning

• Published in: Lecture Notes in Electrical Engineering
• Main Author: Yusof M.A.M.; Ali F.H.M.; Darus M.Y.
• Format: Conference paper
• Language: English
• Published: Springer Verlag 2018
• Online Access: https://www.scopus.com/inward/record.uri?eid=2-s2.0-85043340051&doi=10.1007%2f978-981-10-8276-4_35&partnerID=40&md5=a3343644ed18a737fff30a32d0ebfa8a

Recently, many organizations require security tools to maintain their network or IoT environment from DDoS attacks. Most security tools today, do not have enough power to detect whether the incoming packet is a normal packet or DDoS packet. The purpose of the DDoS attack is to undermine the web server of an organization that may run a business. Therefore, this research is conducted to design a technique called Packet Threshold Algorithm (PTA) coupled with SVM in order to detect four types of DDoS attacks such as TCP SYN flood, UDP flood, Ping of Death and Smurf. The results of this research on the use of this technique is claimed enable the action of minimizing false positive rates and increases the detection accuracy in comparison to the other three current techniques. The TPA-SVM technique has the capability of detecting incoming packets as normal packets or DDoS attacks. The DDoS attack type of detection is based on the packet threshold. © 2018, Springer Nature Singapore Pte Ltd.