IDS for Improving DDoS attack recognition based on attack profiles and network traffic features
Intrusion detection system (IDS) is one of the important parts in security domains of the present time. Distributed Denial of Service (DDoS) detection involves complex process which reduces the overall performance of the system, and consequently, it may incur inefficiency or failure to the network....
| Main Authors: | , , , , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English English |
| Published: |
IEEE
2020
|
| Subjects: | |
| Online Access: | http://umpir.ump.edu.my/id/eprint/29302/ http://umpir.ump.edu.my/id/eprint/29302/2/IDS%20for%20Improving%20DDoS%20Attack%20Recognition%20Based%20on%20Attack%20Profiles%20and%20Network%20Traffic%20Feature.pdf http://umpir.ump.edu.my/id/eprint/29302/13/IDS%20for%20improving%20DDoS%20attack%20recognition%20based%20on%20attack%20profiles%20and%20network%20traffic%20features.pdf |
| _version_ | 1848823251192512512 |
|---|---|
| author | Sallam, Amer A. Kabir, M. Nomani Alginahi, Yasser M. Jamal, Ahmed Esmeel, Thamer Khalil |
| author_facet | Sallam, Amer A. Kabir, M. Nomani Alginahi, Yasser M. Jamal, Ahmed Esmeel, Thamer Khalil |
| author_sort | Sallam, Amer A. |
| building | UMP Institutional Repository |
| collection | Online Access |
| description | Intrusion detection system (IDS) is one of the important parts in security domains of the present time. Distributed Denial of Service (DDoS) detection involves complex process which reduces the overall performance of the system, and consequently, it may incur inefficiency or failure to the network. In this paper, the attacks database is split into a set of groups by classifying the attack types in terms of the most dominant features that define the profile of each attack along with the sensitive network traffic features. Decision Tree, AdaBoost, Random Forest, K-Nearest Neighbors and Naive Bayes are then used to classify each attack according to their profile features. DDoS attack was considered for all chosen classifiers. It is found that the average classification accuracy for the above-mentioned algorithms is 95.31% , 95.68%, 95.69%, 92.61% and 83.11%, respectively, providing plausible results when comparing to other existing models. |
| first_indexed | 2025-11-15T02:54:10Z |
| format | Conference or Workshop Item |
| id | ump-29302 |
| institution | Universiti Malaysia Pahang |
| institution_category | Local University |
| language | English English |
| last_indexed | 2025-11-15T02:54:10Z |
| publishDate | 2020 |
| publisher | IEEE |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | ump-293022022-11-17T06:55:22Z http://umpir.ump.edu.my/id/eprint/29302/ IDS for Improving DDoS attack recognition based on attack profiles and network traffic features Sallam, Amer A. Kabir, M. Nomani Alginahi, Yasser M. Jamal, Ahmed Esmeel, Thamer Khalil QA75 Electronic computers. Computer science Intrusion detection system (IDS) is one of the important parts in security domains of the present time. Distributed Denial of Service (DDoS) detection involves complex process which reduces the overall performance of the system, and consequently, it may incur inefficiency or failure to the network. In this paper, the attacks database is split into a set of groups by classifying the attack types in terms of the most dominant features that define the profile of each attack along with the sensitive network traffic features. Decision Tree, AdaBoost, Random Forest, K-Nearest Neighbors and Naive Bayes are then used to classify each attack according to their profile features. DDoS attack was considered for all chosen classifiers. It is found that the average classification accuracy for the above-mentioned algorithms is 95.31% , 95.68%, 95.69%, 92.61% and 83.11%, respectively, providing plausible results when comparing to other existing models. IEEE 2020 Conference or Workshop Item PeerReviewed pdf en http://umpir.ump.edu.my/id/eprint/29302/2/IDS%20for%20Improving%20DDoS%20Attack%20Recognition%20Based%20on%20Attack%20Profiles%20and%20Network%20Traffic%20Feature.pdf pdf en http://umpir.ump.edu.my/id/eprint/29302/13/IDS%20for%20improving%20DDoS%20attack%20recognition%20based%20on%20attack%20profiles%20and%20network%20traffic%20features.pdf Sallam, Amer A. and Kabir, M. Nomani and Alginahi, Yasser M. and Jamal, Ahmed and Esmeel, Thamer Khalil (2020) IDS for Improving DDoS attack recognition based on attack profiles and network traffic features. In: 16th IEEE International Colloquium on Signal Processing and its Applications, CSPA 2020 , 28-29 February 2020 , Langkawi, Malaysia. pp. 255-260.. ISBN 978-172815310-0 (Published) https://doi.org/10.1109/CSPA48992.2020.9068679 doi:10.1109/CSPA48992.2020.9068679 |
| spellingShingle | QA75 Electronic computers. Computer science Sallam, Amer A. Kabir, M. Nomani Alginahi, Yasser M. Jamal, Ahmed Esmeel, Thamer Khalil IDS for Improving DDoS attack recognition based on attack profiles and network traffic features |
| title | IDS for Improving DDoS attack recognition based on attack profiles and network traffic features |
| title_full | IDS for Improving DDoS attack recognition based on attack profiles and network traffic features |
| title_fullStr | IDS for Improving DDoS attack recognition based on attack profiles and network traffic features |
| title_full_unstemmed | IDS for Improving DDoS attack recognition based on attack profiles and network traffic features |
| title_short | IDS for Improving DDoS attack recognition based on attack profiles and network traffic features |
| title_sort | ids for improving ddos attack recognition based on attack profiles and network traffic features |
| topic | QA75 Electronic computers. Computer science |
| url | http://umpir.ump.edu.my/id/eprint/29302/ http://umpir.ump.edu.my/id/eprint/29302/ http://umpir.ump.edu.my/id/eprint/29302/ http://umpir.ump.edu.my/id/eprint/29302/2/IDS%20for%20Improving%20DDoS%20Attack%20Recognition%20Based%20on%20Attack%20Profiles%20and%20Network%20Traffic%20Feature.pdf http://umpir.ump.edu.my/id/eprint/29302/13/IDS%20for%20improving%20DDoS%20attack%20recognition%20based%20on%20attack%20profiles%20and%20network%20traffic%20features.pdf |