Design and Implementation of Post-Detection of Denial of Service (DoS) as a Mitigation System (PDDMS) Based on Dynamic Access Control List Algorithm

Abstract

Computer networking maintenance and monitoring have been essential things. A human administrator could not monitor the whole resources for 24 hours and take action directly in inactive hours when an incident occurs. Automating the network appliance with the integration of an attack detection system could help solve the problem. This study mainly focuses on mitigating network attacks using the Dynamic Thresholding algorithm as a detection and mitigation system based on network automation using the Dynamic Access Control List algorithm. The data used for this research is self-generated in a virtual environment and a mitigation system written in Python to automate the router configuration through REST API. Prototype of the mitigation system, namely post-detection of DoS as a Mitigation System (PDDMS). The system testing phase results show that the mitigation system has an average of 1.57 seconds response time to configure ACL for one router. The implementation evaluated using Confusion Matrix shows 0% results of True-Positive Rate in the generated dataset, with 23.01% of accuracy and no positive results detected, which resulted in no response taken by mitigation system.