DocumentCode :
229358
Title :
Supervised learning to detect DDoS attacks
Author :
Balkanli, Eray ; Alves, Joao ; Zincir-Heywood, A. Nur
Author_Institution :
Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS, Canada
fYear :
2014
fDate :
9-12 Dec. 2014
Firstpage :
1
Lastpage :
8
Abstract :
In this research, we explore the performances of two supervised learning techniques and two open-source network intrusion detection systems (NIDS) on backscatter darknet traffic. We employ Bro and Corsaro open-source systems as well as the CART Decision Tree and Naive Bayes machine learning classifiers. While designing our machine learning classifiers, we used different sizes of training/test sets and different feature sets to understand the importance of data pre-processing. Our results show that a machine learning based approach can achieve very high performance on such backscatter darknet traffic without using IP addresses and port numbers.
Keywords :
Bayes methods; computer network security; decision trees; learning (artificial intelligence); pattern classification; public domain software; Bro open-source system; CART decision tree classifier; Corsaro open-source system; DDoS attacks; IP addresses; NIDS; Naive Bayes machine learning classifier; backscatter darknet traffic; network intrusion detection systems; supervised learning techniques; Backscatter; Computer crime; Decision trees; IP networks; Ports (Computers); Protocols; Training; Backscatter detection; Network security; Supervised learning; network intrusion detection systems;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Computational Intelligence in Cyber Security (CICS), 2014 IEEE Symposium on
Conference_Location :
Orlando, FL
Type :
conf
DOI :
10.1109/CICYBS.2014.7013367
Filename :
7013367