AnubisFlow: A Feature Extractor for Distributed Denial of Service Attack Classification

Cited by: 0
Authors
Barzilay, Alan [1]
Martinelli, Caio L. [1]
Nogueira, Michele [2]
Batista, Daniel M. [1]
Hirata, Roberto, Jr. [1]
Affiliations
[1] Univ Sao Paulo, Dept Comp Sci, Sao Paulo, SP, Brazil
[2] Univ Fed Minas Gerais, Dept Comp Sci, Belo Horizonte, MG, Brazil
Funding
São Paulo Research Foundation, Brazil;
Keywords
Distributed Denial of Service; Intrusion Detection System; Feature Extraction; DDOS;
DOI
10.1109/NoF52522.2021.9609918
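Chinese Library Classification number
TM [Electrical engineering]; TN [Electronic technology, communication technology];
Discipline classification code
0808; 0809;
Abstract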
The detection and mitigation of DDoS attacks require a system to analyze and process the incoming network flow in a live capture manner. In this scenario, an efficient analysis depends on a good set of features to classify the traffic. With this goal in mind, we propose a technique based on a new set of features that are computationally inexpensive and descriptive of the data stream. Moreover, the technique considers the flows in many moments, not only when they are finished. We analyze its predicting performance by creating a decision tree model and a logistic regression, which achieved 99.98% and 95.99% Cohen's Kappa coefficient, respectively. In spirit with the recent trend toward reproducibility of research results, we integrate the proposal in an open-source tool called AnubisFlow. Also, our analysis for the models is available as open data to the scientific community.
Pages: 8