TY - JOUR
T1 - PORTMAP DDOS ATTACK DETECTION USING FEATURE RANK AND MACHINE LEARNING ALGORITHMS
AU - Sugianela, Yuna
AU - Ahmad, Tohari
N1 - Publisher Copyright:
© 2022 ICIC International.
PY - 2022/4
Y1 - 2022/4
AB - The era of big data, with its large and complicated scope of data, has increased the possibility of network attacks. One such attack is Distributed Denial of Service (DDoS). It is a type of attack that floods network traffic, and it is usually implemented in the upper layers of the network protocol. DDoS acts like a highway blocked by traffic jams, so that traffic does not arrive at the desired destination. Some research generates datasets of network attacks, especially DDoS, and analyzes the taxonomy of attacks or determines important factors that affect the corresponding attack. DDoS detection is usually done by an Intrusion Detection System (IDS) using classification and clustering methods. Machine learning has been widely used to optimize IDS. Although a machine learning algorithm adapts well to detecting the attack, it needs time to process high-dimensional datasets, for example, 80 features. In this paper, we propose feature selection using feature rank and detection using several machine learning algorithms to balance the dimensionality of the data and the accuracy. We focus on detecting the PortMap DDoS attack as a reflection-based DDoS. The proposed method achieves its most effective result, 99.937% accuracy in 0.04 seconds, using Chi-square attribute evaluation with a stopping criterion of 7000 and the k-NN classification method.
KW - Classification
KW - Data protection
KW - Features selection
KW - Network infrastructure
KW - Network security
UR - http://www.scopus.com/inward/record.url?scp=85127191183&partnerID=8YFLogxK
U2 - 10.24507/icicelb.13.04.347
DO - 10.24507/icicelb.13.04.347
M3 - Article
AN - SCOPUS:85127191183
SN - 2185-2766
VL - 13
SP - 347
EP - 354
JO - ICIC Express Letters, Part B: Applications
JF - ICIC Express Letters, Part B: Applications
IS - 4
ER -