Ensemble Learning Method for DDOS Attack Mitigation in Web Based Networks
Keywords:
Ensemble Learning, DDoS Attack, Mitigation, Machine Learning, Random ForestAbstract
Web-based networks are threatened by DDoS attacks, which interrupt services and consume money. Ensemble learning methods are used to mitigate web-based DDoS attacks in this paper. Ensemble learning improves detection accuracy and robustness by combining machine learning models. The proposed algorithm detects DDoS attacks using Random Forest, an ensemble learning method. Random Forest may control high-dimensional data, analyse feature importance, and avoid overfitting. We gather and preprocess network traffic data, including packet speeds, sizes, and protocols. Labelled data classifies traffic occurrences as regular or DDoS for a Random Forest classifier. Accuracy, precision, recall, and F1-score are used to evaluate the model. Results show that ensemble learning can reliably predict DDoS attacks with few false positives. In web-based networks, this strong detection system monitors incoming traffic. Combining network security with ensemble learning-based DDoS mitigation, the proposed technique provides proactive DDoS defence. It protects services and user experiences from DDoS attacks because to its responsiveness to changing attack patterns and scalability. To evaluate the proposed approach, we have utilized two modern datasets, namely CIC-DDoS 2019 and AWID (A Network Intrusion Dataset). These results provide more support for the proposed models and allow the research to proceed in as planned proposed.
Downloads
References
Mishra, A., Gupta, N. & Gupta, B.B. Defensive mechanism against DDoS attack based on feature selection and multi-classifier algorithms. Telecommun Syst 82, 229–244 (2023).
Gocher, H., Taterh, S. & Dadheech, P. Impact Analysis to Detect and Mitigate Distributed Denial of Service Attacks with Ryu-SDN Controller: A Comparative Analysis of Four Different Machine Learning Classification Algorithms. SN COMPUT. SCI. 4, 456 (2023).
Vidyashree, L., Suresha Mitigation of cyber attacks assuring security with conglomerate edict based intrusion detection system in IoT. Sādhanā 47, 67 (2022).
Bawany, N.Z.; Shamsi, J.A.; Salah, K. DDoS Attack Detection and Mitigation Using SDN: Methods, Practices, and Solutions. Arab. J. Sci. Eng. 2017, 42, 425–441.
Jain, M., Kaur, G. Distributed anomaly detection using concept drift detection based hybrid ensemble techniques in streamed network data. Cluster Comput 24, 2099–2114 (2021).
Catillo, M., Del Vecchio, A., Pecchia, A. et al. Transferability of machine learning models learned from public intrusion detection datasets: the CICIDS2017 case study. Software Qual J 30, 955–981 (2022).
Sambangi, S.; Gondi, L. A Machine Learning Approach for DDoS (Distributed Denial of Service) Attack Detection Using Multiple Linear Regression. Proceedings 2020, 63, 51.
T. S. Chu, W. Si, S. Simoff and Q. V. Nguyen, "A Machine Learning Classification Model Using Random Forest for Detecting DDoS Attacks," 2022 International Symposium on Networks, Computers and Communications (ISNCC), Shenzhen, China, 2022, pp. 1-7, doi: 10.1109/ISNCC55209.2022.9851797.
F. Nazarudeen and S. Sundar, "Efficient DDoS Attack Detection using Machine Learning Techniques," 2022 IEEE International Power and Renewable Energy Conference (IPRECON), Kollam, India, 2022, pp. 1-6, doi: 10.1109/IPRECON55716.2022.10059561.
V. Gaur and R. Kumar, "ET-RF based Model for Detection of Distributed Denial of Service Attacks," 2022 International Conference on Sustainable Computing and Data Communication Systems (ICSCDS), Erode, India, 2022, pp. 1205-1212, doi: 10.1109/ICSCDS53736.2022.9760938.
Krishna Kishore, P., Prathima, K., Eswari, D.S., Goud, K.S. (2023). Bidirectional LSTM-Based Sentiment Analysis of Context-Sensitive Lexicon for Imbalanced Text. In: Bhateja, V., Sunitha, K.V.N., Chen, YW., Zhang, YD. (eds) Intelligent System Design. Lecture Notes in Networks and Systems, vol 494. Springer, Singapore. https://doi.org/10.1007/978-981-19-4863-3_27
V., Kanimozhi., T., Prem, Jacob. (2021). Artificial Intelligence outflanks all other machine learning classifiers in Network Intrusion Detection System on the realistic cyber dataset CSE-CIC-IDS2018 using cloud computing. ICT Express, 7(3):366-370. doi: 10.1016/J.ICTE.2020.12.004
Trevor, Pinto., Yakub, Sebastian. (2021). Detecting DDoS attacks using a cascade of machine learning classifiers based on Random Forest and MLP-ANN. doi: 10.1109/MASCON51689.2021.9563266
Fatima, Khashab., Joanna, Moubarak., Antoine, Feghali., Carole, Bassil. (2021). DDoS Attack Detection and Mitigation in SDN using Machine Learning. 395-401. doi: 10.1109/NETSOFT51509.2021.9492558
Iman, Sharafaldin., Arash, Habibi, Lashkari., Saqib, Hakak., Ali, A., Ghorbani. (2019). Developing Realistic Distributed Denial of Service (DDoS) Attack Dataset and Taxonomy. doi: 10.1109/CCST.2019.8888419
P. Krishna Kishore, S. Ramamoorthy, V.N. Rajavarman, "Mitigation of HTTP Flood DDoS Attack in Application Layer Using Machine Learning and Isolation Forest," SSRG International Journal of Electrical and Electronics Engineering, vol. 10, no. 10, pp. 6-19, 2023. Crossref, https://doi.org/10.14445/23488379/IJEEE-V10I10P102
Imran, Edzereiq, Kamarudin., Mohd, Faizal, Ab, Razak., Ahmad, Firdaus., M., Izham, Jaya., Yau, Ti, Dun. (2021). Performance Analysis on Denial of Service attack using UNSW-NB15 Dataset. doi: 10.1109/ICSECS52883.2021.00083
G, Megala., S., Prabu., B, C, Liyanapathirana. (2021). Detecting DDoS Attack: A Machine-Learning-Based Approach. 55-66. doi: 10.4018/978-1-7998-3335-2.CH004
Naveen, Bindra., Manu, Sood. (2019). Detecting DDoS Attacks Using Machine Learning Techniques and Contemporary Intrusion Detection Dataset. Automatic Control and Computer Sciences, 53(5):419-428. doi: 10.3103/S0146411619050043
H., T., Manjula., Neha, Mangla. (2021). An approach to on-stream DDoS blitz detection using machine learning algorithms. Materials Today: Proceedings, doi: 10.1016/J.MATPR.2021.07.280
Augusto, Gonzaga, Sarmento., Kheng, Cher, Yeo., Sami, Azam., Asif, Karim., Abdullah, Al, Mamun., Bharanidharan, Shanmugam. (2021). Applying Big Data Analytics in DDos Forensics: Challenges and Opportunities. 235-252. doi: 10.1007/978-3-030-68534-8_15
Atheer, Alharthi., Ala', Eshmawi., Azzah, Kabbas., Lobna, Hsairi. (2020). Network Traffic Analysis for DDOS Attack Detection. doi: 10.1145/3440749.3442637
R., R., Rejimol, Robinson., Ciza, Thomas. (2021). Low Rate Multi-vector DDoS Attack Detection Using Information Gain Based Feature Selection. 685-696. doi: 10.1007/978-981-16-0965-7_53
Iman, Sharafaldin., Arash, Habibi, Lashkari., Ali, A., Ghorbani. (2018). A Detailed Analysis of the CICIDS2017 Data Set. 172-188. doi: 10.1007/978-3-030-25109-3_9
Vimal, Gaur., Rajesh, Kumar. (2022). FSMDAD: Feature Selection Method for DDoS Attack Detection. 939-944. doi: 10.1109/ICEARS53579.2022.9752308
Lu, Zhou., Ye, Zhu., Tianrui, Zong., Yang, Xiang. (2022). A feature selection-based method for DDoS attack flow classification. Future Generation Computer Systems, 132:67-79. doi: 10.1016/j.future.2022.02.006
Deepak, Kshirsagar., Sandeep, Kumar. (2021). An efficient feature reduction method for the detection of DoS attack. ICT Express, 7(3):371-375. doi: 10.1016/J.ICTE.2020.12.006
Vimal, Gaur., Vimal, Gaur., Rajneesh, Kumar. (2021). Analysis of Machine Learning Classifiers for Early Detection of DDoS Attacks on IoT Devices. Arabian Journal for Science and Engineering, 1-22. doi: 10.1007/S13369-021-05947-3
Subhashini, Peneti., Hemalatha, E. (2021). DDOS Attack Identification using Machine Learning Techniques. doi: 10.1109/ICCCI50826.2021.9402441
P., Ravi, Kiran, Varma., K., V., Subba, Raju., Suresh, Ruthala. (2021). Application of Whale Optimization Algorithm in DDOS Attack Detection and Feature Reduction. 93-102. doi: 10.1007/978-981-33-4305-4_8
Heru, Nurwarsito., Muhammad, Fahmy, Nadhif. (2021). DDoS Attack Early Detection and Mitigation System on SDN using Random Forest Algorithm and Ryu Framework. 178-183. doi: 10.1109/ICCCE50029.2021.9467167
Mona, A., Alduailij., Qazi, Waqas, Khan., Muhammad, Zeeshan, Tahir., Muhammad, Sardaraz., Mai, A., Alduailij., Fazila, Malik. (2022). Machine-Learning-Based DDoS Attack Detection Using Mutual Information and Random Forest Feature Importance Method. Symmetry, 14(6):1095-1095. doi: 10.3390/sym14061095
Trevor, Pinto., Yakub, Sebastian. (2021). Detecting DDoS attacks using a cascade of machine learning classifiers based on Random Forest and MLP-ANN. doi: 10.1109/MASCON51689.2021.9563266
H. Nurwarsito and M. F. Nadhif, "DDoS Attack Early Detection and Mitigation System on SDN using Random Forest Algorithm and Ryu Framework," 2021 8th International Conference on Computer and Communication Engineering (ICCCE), Kuala Lumpur, Malaysia, 2021, pp. 178-183, doi: 10.1109/ICCCE50029.2021.9467167.
P. Krishna Kishore, S. Ramamoorthy, V.N. Rajavarman, ARTP: Anomaly based real time prevention of Distributed Denial of Service attacks on the web using machine learning approach, International Journal of Intelligent Networks, Volume 4, 2023, Pages 38-45, ISSN 2666-6030, https://doi.org/10.1016/j.ijin.2022.12.001.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.