Man-in-the-middle and denial of service attacks detection using machine learning algorithms

Sura Abdulmunem Mohammed Al-Juboori, Firas Hazzaa, Zinah Sattar Jabbar, Sinan Salih, Hassan Muwafaq Gheni

Abstract


Network attacks (i.e., man-in-the-middle (MTM) and denial of service (DoS) attacks) allow attackers to obtain and steal important data from physically connected devices in any network. This research used several machine learning algorithms to prevent these attacks and protect the devices, using related datasets for MTM and DoS attacks obtained from the Kaggle website. After obtaining the dataset, this research applied preprocessing techniques such as filling the missing values, because the dataset contains a lot of null values. We then used four machine learning algorithms to detect these attacks: random forest (RF), eXtreme gradient boosting (XGBoost), gradient boosting (GB), and decision tree (DT). To assess the performance of the algorithms, several classification metrics are used: precision, accuracy, recall, and F1-score. The research achieved the following results in both datasets: i) all algorithms can detect the MTM attack with the same performance, which is greater than 99% in all metrics; and ii) all algorithms can detect the DoS attack with the same performance, which is greater than 97% in all metrics. Results showed that these algorithms can detect MTM and DoS attacks very well, which prompts us to use them to protect devices from these attacks.
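The pipeline the abstract outlines (fill nulls, train a tree classifier, score with accuracy, precision, recall and F1) is sketched below as an added example; it is not the paper's code and does not reproduce its results. Assumptions: the flow records and the feature names `packets_per_sec` and `syn_ratio` are constructed, median filling is one choice of imputation, and a depth-1 decision tree stands in for the DT model.

```python
from statistics import median

# Constructed flow records [packets_per_sec, syn_ratio]; None is a null field.
TRAIN_X = [[120, 0.10], [150, None], [180, 0.08], [200, 0.15], [90, 0.12],
           [9000, 0.95], [None, 0.91], [9500, 0.93], [9900, 0.97]]
TRAIN_Y = [0, 0, 0, 0, 0, 1, 1, 1, 1]  # 1 = DoS, 0 = benign
TEST_X = [[130, 0.09], [9100, 0.94], [None, 0.96], [8800, None], [7000, 0.20]]
TEST_Y = [0, 1, 1, 1, 0]

def column_medians(rows):  # per-column median over the non-null values
    return [median(v for v in col if v is not None) for col in zip(*rows)]

def impute(rows, fill):  # fill nulls with values learned from the training split
    return [[fill[i] if v is None else v for i, v in enumerate(r)] for r in rows]

def gini(labels):
    return 2 * (p := sum(labels) / len(labels)) * (1 - p)

def fit_stump(X, y):
    """Depth-1 decision tree: the (feature, threshold) with lowest weighted Gini."""
    best = None
    for f in range(len(X[0])):
        vals = sorted({r[f] for r in X})
        for lo, hi in zip(vals, vals[1:]):
            t = (lo + hi) / 2
            left = [c for r, c in zip(X, y) if r[f] <= t]
            right = [c for r, c in zip(X, y) if r[f] > t]
            score = (len(left) * gini(left) + len(right) * gini(right)) / len(y)
            if best is None or score < best[0]:
                best = (score, f, t, *(round(sum(s) / len(s)) for s in (left, right)))
    return best[1:]  # (feature, threshold, label_if_le, label_if_gt)

def predict(stump, X):
    f, t, le_label, gt_label = stump
    return [le_label if r[f] <= t else gt_label for r in X]

def metrics(y_true, y_pred):
    n = lambda a, b: sum(t == a and p == b for t, p in zip(y_true, y_pred))
    tp, fp, fn, tn = n(1, 1), n(0, 1), n(1, 0), n(0, 0)
    prec = tp / (tp + fp) if tp + fp else 0.0
    rec = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * prec * rec / (prec + rec) if prec + rec else 0.0
    return {"accuracy": (tp + tn) / len(y_true), "precision": prec, "recall": rec, "f1": f1}

def run():
    fill = column_medians(TRAIN_X)
    stump = fit_stump(impute(TRAIN_X, fill), TRAIN_Y)
    return fill, stump, metrics(TEST_Y, predict(stump, impute(TEST_X, fill)))
```

On the constructed test split, the DoS record whose `syn_ratio` was null is filled with the training median and classified as benign, so recall drops to 2/3 while precision stays at 1.0; scoring null-filled records separately makes that kind of miss visible.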


Keywords


Attacks detection; Classification metrics; Computer networks and communications; DoS attack; Machine learning; MTM attack



DOI: https://doi.org/10.11591/eei.v12i1.4555



Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Bulletin of EEI Stats