基于机器学习的ddos攻击分类方法

2021 IEEE 18th International Conference on Smart Communities: Improving Quality of Life Using ICT, IoT and AI (HONET) Pub Date : 2021-10-11 DOI:10.1109/HONET53078.2021.9615392

Shameel Syed, Faheem Khuhawar, Shahnawaz Talpur

{"title":"基于机器学习的ddos攻击分类方法","authors":"Shameel Syed, Faheem Khuhawar, Shahnawaz Talpur","doi":"10.1109/HONET53078.2021.9615392","DOIUrl":null,"url":null,"abstract":"Network Intrusion Detection System (NIDS) is used to detect anomalous activities that occur in the network, whether the activity arises from outside or from inside. An extensive amount of studies have been done in the domain of NIDS using Machine Learning, Deep Learning, and Reinforcement Learning based techniques on publicly available datasets. The main problem lies in publicly available datasets as the datasets are un-realistic and too general for real-life events and attacks and thus the models trained may produce better results during the training and testing phase but once it is deployed in the real network, most of the attacks may go undetected. This research focuses on a specific protocol “Dynamic Host Control Protocol” which is enabled in most of networks whether the network is small, medium or large. In this research, DHCP specific dataset was generated and trained with different classifiers to analyze their performance. Random Forest classifier presented better results among other classifiers.","PeriodicalId":177268,"journal":{"name":"2021 IEEE 18th International Conference on Smart Communities: Improving Quality of Life Using ICT, IoT and AI (HONET)","volume":"261 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Machine Learning Approach For Classification of DHCP DoS Attacks in NIDS\",\"authors\":\"Shameel Syed, Faheem Khuhawar, Shahnawaz Talpur\",\"doi\":\"10.1109/HONET53078.2021.9615392\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Network Intrusion Detection System (NIDS) is used to detect anomalous activities that occur in the network, whether the activity arises from outside or from inside. An extensive amount of studies have been done in the domain of NIDS using Machine Learning, Deep Learning, and Reinforcement Learning based techniques on publicly available datasets. The main problem lies in publicly available datasets as the datasets are un-realistic and too general for real-life events and attacks and thus the models trained may produce better results during the training and testing phase but once it is deployed in the real network, most of the attacks may go undetected. This research focuses on a specific protocol “Dynamic Host Control Protocol” which is enabled in most of networks whether the network is small, medium or large. In this research, DHCP specific dataset was generated and trained with different classifiers to analyze their performance. Random Forest classifier presented better results among other classifiers.\",\"PeriodicalId\":177268,\"journal\":{\"name\":\"2021 IEEE 18th International Conference on Smart Communities: Improving Quality of Life Using ICT, IoT and AI (HONET)\",\"volume\":\"261 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-10-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE 18th International Conference on Smart Communities: Improving Quality of Life Using ICT, IoT and AI (HONET)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/HONET53078.2021.9615392\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE 18th International Conference on Smart Communities: Improving Quality of Life Using ICT, IoT and AI (HONET)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HONET53078.2021.9615392","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

网络入侵检测系统(NIDS)用于检测网络中发生的异常活动，无论这些活动是由外部还是内部引起的。在NIDS领域，使用基于公开可用数据集的机器学习、深度学习和强化学习技术进行了大量的研究。主要问题在于公开可用的数据集，因为数据集不真实，对于现实生活中的事件和攻击来说过于笼统，因此训练的模型可能在训练和测试阶段产生更好的结果，但一旦部署到真实网络中，大多数攻击可能无法被检测到。本研究的重点是一个特定的协议“动态主机控制协议”，它在大多数网络中都是启用的，无论网络是小型，中型还是大型。在本研究中，生成DHCP特定的数据集，并使用不同的分类器进行训练，以分析它们的性能。随机森林分类器在其他分类器中表现出较好的分类效果。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Machine Learning Approach For Classification of DHCP DoS Attacks in NIDS

Network Intrusion Detection System (NIDS) is used to detect anomalous activities that occur in the network, whether the activity arises from outside or from inside. An extensive amount of studies have been done in the domain of NIDS using Machine Learning, Deep Learning, and Reinforcement Learning based techniques on publicly available datasets. The main problem lies in publicly available datasets as the datasets are un-realistic and too general for real-life events and attacks and thus the models trained may produce better results during the training and testing phase but once it is deployed in the real network, most of the attacks may go undetected. This research focuses on a specific protocol “Dynamic Host Control Protocol” which is enabled in most of networks whether the network is small, medium or large. In this research, DHCP specific dataset was generated and trained with different classifiers to analyze their performance. Random Forest classifier presented better results among other classifiers.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2021 IEEE 18th International Conference on Smart Communities: Improving Quality of Life Using ICT, IoT and AI (HONET)

自引率

0.00%

发文量