Visible to the public An empirical study of intelligent approaches to DDoS detection in large scale networks

TitleAn empirical study of intelligent approaches to DDoS detection in large scale networks
Publication TypeConference Paper
Year of Publication2019
AuthorsLiang, Xiaoyu, Znati, Taieb
Conference Name2019 International Conference on Computing, Networking and Communications (ICNC)
Keywordsalarming rate, attack scenarios, Benchmark testing, class imbalance problem, composability, comprehensive empirical evaluation, Computer crime, computer network security, DDoS attack detection, DDoS Attacks, DDoS detection, denial-of-service attack, distributed denial-of-services attacks, empirical evaluation, empirical study, feature extraction, frequency, Human Behavior, intelligent approaches, intensity, Internet, large scale networks, learning (artificial intelligence), machine learning based DDoS detection techniques, machine learning techniques, Metrics, ML-based DDoS detection capabilities, ML-based detection techniques, Monitoring, Performance Metrics, pubcrawl, Resiliency, Sensitivity
AbstractDistributed Denial of Services (DDoS) attacks continue to be one of the most challenging threats to the Internet. The intensity and frequency of these attacks are increasing at an alarming rate. Numerous schemes have been proposed to mitigate the impact of DDoS attacks. This paper presents a comprehensive empirical evaluation of Machine Learning (ML)based DDoS detection techniques, to gain better understanding of their performance in different types of environments. To this end, a framework is developed, focusing on different attack scenarios, to investigate the performance of a class of ML-based techniques. The evaluation uses different performance metrics, including the impact of the “Class Imbalance Problem” on ML-based DDoS detection. The results of the comparative analysis show that no one technique outperforms all others in all test cases. Furthermore, the results underscore the need for a method oriented feature selection model to enhance the capabilities of ML-based detection techniques. Finally, the results show that the class imbalance problem significantly impacts performance, underscoring the need to address this problem in order to enhance ML-based DDoS detection capabilities.
DOI10.1109/ICCNC.2019.8685519
Citation Keyliang_empirical_2019