A system approach to network modeling for DDoS detection using a Naìve Bayesian classifier

Abstract

Denial of Service(DoS) attacks pose a big threat to any electronic society. DoS and DDoS attacks are catastrophic particularly when applied to highly sensitive targets like Critical Information Infrastructure. While research literature has focussed on using various fundamental classifier models for detecting attacks, the common trend observed in literature is to classify DoS attacks into the broad class of intrusions, which makes proposed solutions to this class of attacks unrealistic in practical terms. In this work, the approach to a carefully engineered, practically realised system to detect DoS attacks using a Naìve Bayesian(NB) classifier is described. The work includes network modeling for two protocols - TCP and UDP.