CNR Institutional Research Information System

Distributed Denial of Service (DDoS) attacks disrupt global network services by mainly overwhelming the host victim with requests originating from multiple traffic sources. DDoS attacks are currently on the rise due to the ease of execution and rental of distributed architectures, which could potentially result in substantial revenue losses. Therefore, the detection and prevention of DDoS attacks are currently topics of high interest. In this study, we utilize traffic flow information to determine if a specific flow is associated with a DDoS attack. We evaluate traditional Machine Learning (ML) methods in developing our DDoS detector and utilize an exhaustive hyperparameter search to optimize the detection capability of each ML model. Our evaluation shows that most algorithms provide satisfactory results, with Random Forests achieving as high as 99\% of detection accuracy, which is comparable to existing deep learning approaches.

Evaluating ML-based DDoS Detection with Grid Search Hyperparameter Optimization

M Repetto;
2021

Abstract

Distributed Denial of Service (DDoS) attacks disrupt global network services by mainly overwhelming the host victim with requests originating from multiple traffic sources. DDoS attacks are currently on the rise due to the ease of execution and rental of distributed architectures, which could potentially result in substantial revenue losses. Therefore, the detection and prevention of DDoS attacks are currently topics of high interest. In this study, we utilize traffic flow information to determine if a specific flow is associated with a DDoS attack. We evaluate traditional Machine Learning (ML) methods in developing our DDoS detector and utilize an exhaustive hyperparameter search to optimize the detection capability of each ML model. Our evaluation shows that most algorithms provide satisfactory results, with Random Forests achieving as high as 99\% of detection accuracy, which is comparable to existing deep learning approaches.
2021
Istituto di Matematica Applicata e Tecnologie Informatiche - IMATI -
Inglese
The 3rd International Workshop on Cyber-Security Threats, Trust and Privacy management in Software-defined and Virtualized Infrastructures (SecSoft 21)
Sì, ma tipo non specificato
2/7/2021
Tokyo, Giappone (online per pandemia covid-19)
DDoS Detection; Machine Learning; Network Security
4
restricted
R Sanchez, O; Repetto, M; Carrega, A; Bolla, R
273
info:eu-repo/semantics/conferenceObject
04 Contributo in convegno::04.01 Contributo in Atti di convegno
   AddreSsing ThReats for virtualIseD services
   ASTRID
   H2020
   786922

   A cybersecurity framework to GUArantee Reliability and trust for Digital service chains
   GUARD
   H2020
   833456
File in questo prodotto:
File Dimensione Formato  
prod_452960-doc_171053.pdf

solo utenti autorizzati

Descrizione: Evaluating ML-based DDoS Detection with Grid Search Hyperparameter Optimization
Tipologia: Documento in Pre-print
Dimensione 2.85 MB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
2.85 MB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.14243/396243
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact