Research Topic : A Machine Learning Based DDoS Detection System
**Research Topic : A Machine Learning Based DDoS Detection System**
Supervisor - Mr. Nuwan Kuruwitaarachchi
Co-Supervisor - Mr. Kavinga Yapa Abeywardena
**Supervisor - Mr. Nuwan Kuruwitaarachchi**
**Co-Supervisor - Mr. Kavinga Yapa Abeywardena**
Member 1(Leader) - IT17114172 - A.U. Sudugala
Member 2 - IT17106702 - W.H.Chanuka
Member 3 - IT17124904 - A.M.N. Eshan
Member 4 - IT17111034 - U.C.S. Bandara
**Member 1(Leader) - IT17114172 - A.U. Sudugala**
**Member 2 - IT17106702 - W.H.Chanuka**
**Member 3 - IT17124904 - A.M.N. Eshan**
**Member 4 - IT17111034 - U.C.S. Bandara**
Project Description**
**Project Description**
This project proposed a solution that involves building an Intrusion Detection System to detect Distributed Denial of Service attacks using Machine Learning algorithms for a given network. Four most common and dangerous DDoS attacks and respectively four different machine learning algorithms are used to train the proposed system.
...
...
@@ -24,10 +24,9 @@ As DDoS attacks are spreading all over the world many types of DDoS attacks are
As DDoS attacks are capable of filtering to drop attack traffic before passing the normal traffic to the destination, redirecting all destinations to a third-party DNS, such as Akamai and Cloudflare are some of the practical approaches used to mitigate this fundamental threat.
Even though with such kinds of approaches are available and requires no upgrades to the existing network infrastructure and able to handle very massive attacks, recent industrial interviews boils the fact that this approach alone is not capable especially for wide scope organizations such as web hosting organizations and governments as they are unable to handover the direct network control to a third-party security service. Hence, they must depend on their ISPs to filter out suspicious attack traffic.
**Research Objectives
**Research Objectives**
Main Objective :
**
**Main Objective :**
The main objective of the research is to provide an Intrusion Detection System which can detect the DDoS attacks using Machine Learning Algorithms by identifying the suspicious packets, dropping them and sending a notification about the activity to all the network connected authorities. Organizations will be able to provide secure communication and risk-free experience with a well-secured IoT environment through the proposed system. Most of the networks and IoT devices are very difficult to maintain because of the lack of security issues and lack of knowledge on these devices. It is required to have a proper mechanism to protect the network and interconnected IoT devices with no intruder disruptions. Along with it, there should be a mechanism to maintain the data privacy of the organization and the employees. Most of the time organizations must pay a huge amount of money to hire an expert to configure the network and it takes more time to get the outcome.
Specific Objectives :
...
...
@@ -64,7 +63,7 @@ This component is to identify the .pcap files and figure out whether it is a Slo
Volumetric Distributed Denial of Service attack is one of the severe malicious attack which can be seen on Internet and it is responsible for more than half of all kinds of those attacks. This components are to detect volumetric attacks using machine learning and to make a safe environment for the users without DDoS disruption.
System Architecture
This is the System overview diagram.
**System Overview Diagram**
According to the above diagram, first malicious traffic signatures should be obtained from the raw data and then added to the database. In order do this a dataset which is related to the NTP Amplification attack is used. Then by using the feature selection generation of the SDS will be done and afterwards the Machine Learning Algorithm is being trained. Then it is supplied to the system of traffic classification.
