This paper is published in Volume-6, Issue-3, 2020
Area
Computer Science and Engineering
Author
Santoshi Sahu, Mamidi Sushma Venkata Anisha, Rayudu Venusri Teja, Sai Smruti Rout
Org/Univ
Andhra University College of Engineering for Women, Visakhapatnam, Andhra Pradesh, India
Pub. Date
06 May, 2020
Paper ID
V6I3-1170
Publisher
Keywords
DDoS attacks, Machine learning entropy estimation, Bi-clustering, Feature selection, Randomized trees classification.

Citations

IEEE
Santoshi Sahu, Mamidi Sushma Venkata Anisha, Rayudu Venusri Teja, Sai Smruti Rout. Bi-clustering and classification-based detection for DDoS attacks, International Journal of Advance Research, Ideas and Innovations in Technology, www.IJARIIT.com.

APA
Santoshi Sahu, Mamidi Sushma Venkata Anisha, Rayudu Venusri Teja, Sai Smruti Rout (2020). Bi-clustering and classification-based detection for DDoS attacks. International Journal of Advance Research, Ideas and Innovations in Technology, 6(3) www.IJARIIT.com.

MLA
Santoshi Sahu, Mamidi Sushma Venkata Anisha, Rayudu Venusri Teja, Sai Smruti Rout. "Bi-clustering and classification-based detection for DDoS attacks." International Journal of Advance Research, Ideas and Innovations in Technology 6.3 (2020). www.IJARIIT.com.

Abstract

Several Machine Learning (ML) techniques have been adopted for detecting DDoS attacks, but the attacks have still become a major threat. Existing systems use supervised and unsupervised ML-based approaches. Various supervised ML approaches consider both labeled and unlabeled network traffic datasets to detect DDoS attacks, whereas unsupervised ML approaches depend on incoming network traffic data to detect the attacks. Both approaches analyse large amounts of network traffic data with very low accuracy and high false-positive rates. In this paper, we propose a semi-supervised ML approach for DDoS detection based on several algorithms applied in order: entropy estimation, a bi-clustering approach, and the Random Trees decision-making algorithm. The unsupervised part removes traffic data that is irrelevant to DDoS detection, which decreases false-positive rates and increases efficiency. The supervised part reduces the false-positive rates from the unsupervised part and accurately classifies the DDoS traffic data. Various experiments were conducted to evaluate the proposed approach using the public NSL-KDD dataset. An accuracy of 98.66% is achieved on the NSL-KDD dataset, with a false-positive rate of 0.31%.