Fast and accurate classifying model for denial-of-service attacks by using machine learning

Mohammed Ibrahim Kareem, Mahdi Nsaif Jasim

Abstract


A denial of service (DoS) attack is one of the dangerous threats to networks that Internet resources and services will be less available, as they are easily operated and difficult to detect. As a result, identifying these intrusions is a hot issue in cybersecurity. Intrusion detection systems that use classic machine learning algorithms have a long testing period and high computational complexity. Therefore, it is critical to develop or improve techniques for detecting such an attack as quickly as possible to reduce the impact of the attack. As a result, we evaluate the effectiveness of rapid machine learning methods for model testing and generation in communication networks to identify denial of service attacks. In WEKA tools, the CICIDS2017 dataset is used to train and test multiple machine learning algorithms. The wide learning system and its expansions and the REP tree (REPT), random tree (RT), random forest (RF), decision stump (DS), and J48 were all evaluated. Experiments have shown that J48 takes less testing time and performs better, whereases it is performed by using 4-8 features. An accuracy result of 99.51% and 99.96% was achieved using 4 and 8 features, respectively.


Keywords


CICIDS2017; Denial of service; Fast DDoS detection; J48 Classifier; Machine learning

Full Text:

PDF


DOI: https://doi.org/10.11591/eei.v11i3.3688

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Bulletin of EEI Stats