Detecting TCP Flood DDoS Attack by Anomaly Detection based on Machine Learning Algorithms

Abstract

The comfort area created by the fact that people can access everything via the internet has led to an increase in the rate of internet use in recent years. The rise of concepts such as 5G, Internet of Things(IoT), Cloud/Edge/Fog Computing shows that this usage will increase day by day. While this increase brings convenience to humanity, it also increases the appetite of malicious people. Cyber attacks are increasing day by day and many individual or corporate users are harmed. In this study, it is aimed to detect Distributed Denial of Service(DDoS) attacks, which are the most common and most harmful of the bullying we mentioned. We focused on detecting TCP-Flood attacks, which is one of the most preferred DDoS attack types, using various machine learning algorithms. The part that made this job difficult and different was the targeting of real-time detection.