DDoS Classification using Combined Techniques

Nowadays, attackers favour disrupting network systems. An attacker can generate various types of DDoS attacks simultaneously, including the Smurf attack, ICMP flood, UDP flood, and TCP SYN flood. This problem motivated the design of a classification technique...


Bibliographic Details
Published in: International Journal of Advanced Computer Science and Applications
Main Author: Yusof M.A.M.; Safar N.Z.M.; Abdullah Z.; Ali F.A.H.; Sukri K.A.M.; Jofri M.H.; Mohamed J.; Omar A.H.; Bahrudin I.A.; Ali @ Md Hani M.H.M.
Format: Article
Language: English
Published: Science and Information Organization 2024
Online Access: https://www.scopus.com/inward/record.uri?eid=2-s2.0-85184993556&doi=10.14569%2fIJACSA.2024.0150153&partnerID=40&md5=79b2bb82ef0db5ecc64c37de666cb8f1
Volume: 15
Issue: 1
DOI: 10.14569/IJACSA.2024.0150153
Description: Nowadays, attackers favour disrupting network systems. An attacker can generate various types of DDoS attacks simultaneously, including the Smurf attack, ICMP flood, UDP flood, and TCP SYN flood. This problem motivated the design of a classification technique against DDoS attacks that enter a computer network environment. The technique, called the Packet Threshold Algorithm (PTA), is combined with several machine learning techniques to classify incoming packets that have been captured and recorded. The combined techniques can also differentiate between normal packets and DDoS attacks. All techniques in the research achieved high detection accuracy while mitigating the issue of a high false positive rate. The four techniques the research focuses on are PTA-SVM, PTA-NB, PTA-LR and PTA-KNN. Based on the detection accuracy and false positive rate results for all the techniques involved, the results show that PTA-KNN is a more effective technique for detecting whether incoming packets are DDoS attacks or normal packets. © 2024, Science and Information Organization. All Rights Reserved.
ISSN: 2158107X
Access Type: All Open Access; Gold Open Access