SIDS-DDoS, a Smart Intrusion Detection System for Distributed Denial of Service Attacks

  • Conference paper
Advances in Emerging Trends and Technologies (ICAETT 2019)

Abstract

In the last few years, the digital services industry has grown tremendously, offering numerous services over the Internet through a recent business model called cloud computing. With this growth, new threats and cyber-attacks have appeared, such as Denial of Service attacks. Their main objective is to prevent legitimate users from accessing services (websites, online stores, blogs, social media, banking services, etc.) offered by different companies on the Internet. In addition, they cause collateral damage to hosts and web servers, for example, exhaustion of the victim's network bandwidth and computing resources. In this article, we analyze the information contained in the NSL-KDD data set, which holds important records of several behaviors of network traffic. We present two feature selection methods that identify the most relevant attributes within the data set, in order to build an Intrusion Detection System. The selected attributes are used to train and test various kernels of the Support Vector Machine. Once the models have been tested, the classification models are evaluated using the cross-validation technique, and finally the best classifier is chosen.

Notes

  1. https://www.unb.ca/cic/datasets/nsl.html

  2. Scikit-learn: Machine Learning in Python, https://scikit-learn.org

Corresponding author

Correspondence to Juan C. Martinez-Santos.

Copyright information

© 2020 Springer Nature Switzerland AG

Cite this paper

Álvarez Almeida, L., Martinez-Santos, J.C. (2020). SIDS-DDoS, a Smart Intrusion Detection System for Distributed Denial of Service Attacks. In: Botto-Tobar, M., León-Acurio, J., Díaz Cadena, A., Montiel Díaz, P. (eds) Advances in Emerging Trends and Technologies. ICAETT 2019. Advances in Intelligent Systems and Computing, vol 1067. Springer, Cham. https://doi.org/10.1007/978-3-030-32033-1_35
