A Machine Learning Approach for Detecting Distributed Denial of - - PowerPoint PPT Presentation



SLIDE 1

A Machine Learning Approach for Detecting Distributed Denial of Service Attacks

Tanaphon Roempluk
Master's degree student, majoring in Information Technology
Faculty of Informatics, Mahasarakham University

The 4th International Conference on Digital Arts, Media and Technology and 2nd ECTI Northern Section Conference on Electrical, Electronics, Computer and Telecommunications Engineering (ECTI DAMT and NCON 2019), January 30 - February 2, 2019, Nan, Thailand

SLIDE 2

Presentation is Divided Into Five Parts:

  • First part: Introduction.
  • Second part: Method for classifying.
  • Third part: Describe.
  • Fourth part: Experience and Results.
  • Final part: Summarize.

SLIDE 3

Introduction

SLIDE 4

Method for Classifying

Network Security Information Machine Learning

Classifying DDoS Attack

SLIDE 5

Technique for Classification

Classification

Accuracy Rate

  • Support Vector Machine (SVM)
  • The K-Nearest-Neighbor (KNN)
  • Multi-Layer Perceptron (MLP)

SLIDE 6

Cross Validation Method

DATA

Cross Validation method K = 2,5,10

Testing data Training data

SLIDE 7

Grid Search Method

Best Parameters Grid Search

KDD, NSL KDD Sent

Performance

SLIDE 8

Data Analysis

DATA

  • Normal Class
  • DOS Attacks Class
  • R2L Attacks Class
  • U2R Attacks Class
  • Probing Attacks Class

The datasets were divided into the Normal class and 4 types of attack class. The dataset used in this research has 41 features, and only the normal and DDoS attack records were selected.

SLIDE 9

Data Pre-Processing

DATA

1,1,0,TCP,Normal
1,1,0,TCP,Normal
0,1,0,TCP,Normal
1,1,1,TCP,Normal
1,0,1,UDP,DOS
1,0,1,UDP,DOS

Removed Duplicate Data.

SLIDE 10

Data Pre-Processing

1,1,0,TCP,Normal
1,0,1,UDP,DOS

1,1,0,1,Normal
1,0,1,2,DOS

Convert Alphabet to Numeric

SLIDE 11

Data Series

DATASET: KDD, NSL KDD

  • Series 3 has 7 classes: Neptune, Pod, Smurf, Teardrop, Land, Back and Normal
  • Series 2 has 6 classes of DDoS attacks: Neptune, Pod, Smurf, Teardrop, Land and Back
  • Series 1 has 2 classes: Normal and Attack

The dataset was divided into 3 series
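
The pre-processing steps from the slides above (keep only normal and DoS records, remove duplicates, convert text to numbers) followed by the three series labelings, as an added example that is not code from the presentation. The sample rows, the five-column layout, the lowercase label names and the function names are constructed for illustration.

```python
# Constructed sample rows in the shape shown on the slides:
# three numeric features, a protocol string, and a class label.
ROWS = [
    "1,1,0,TCP,normal",
    "1,1,0,TCP,normal",      # exact duplicate
    "0,1,0,TCP,normal",
    "1,0,1,UDP,smurf",
    "1,0,1,UDP,smurf",       # exact duplicate
    "0,0,1,ICMP,pod",
    "1,1,1,TCP,neptune",
    "1,1,1,TCP,portsweep",   # probing attack, not a DoS class
]
# The six attack classes named on the "Data Series" slide.
DOS = {"neptune", "pod", "smurf", "teardrop", "land", "back"}


def preprocess(lines):
    """Keep normal/DoS records, drop exact duplicates, encode protocol as int."""
    seen, codes, out = set(), {}, []
    for line in lines:
        *feats, proto, label = [f.strip() for f in line.split(",")]
        label = label.lower()
        if label != "normal" and label not in DOS:
            continue                      # R2L, U2R and probing are not used
        key = (*feats, proto, label)
        if key in seen:
            continue                      # duplicate record
        seen.add(key)
        # First protocol seen gets 1, the next 2, ... (TCP -> 1, UDP -> 2).
        code = codes.setdefault(proto, len(codes) + 1)
        out.append(([int(f) for f in feats] + [code], label))
    return out, codes


def make_series(records):
    """Build the three labelings: binary, attacks only, all seven classes."""
    s1 = [(x, "Normal" if y == "normal" else "Attack") for x, y in records]
    s2 = [(x, y) for x, y in records if y != "normal"]
    s3 = list(records)
    return s1, s2, s3


if __name__ == "__main__":
    records, codes = preprocess(ROWS)
    for name, series in zip(("Series 1", "Series 2", "Series 3"), make_series(records)):
        print(name, series)
```

Removing duplicates before the cross-validation split keeps identical records from landing in both the training and the testing folds, and the protocol-to-number mapping returned in `codes` has to be reused unchanged for any data classified later.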

SLIDE 12

Modeling of Data for DDoS Attacks Classification

KDD NSL KDD

Cross Validation method

Testing data 50% Training data 50% Modeling

SVM, KNN, MLP

Classification Evaluation

SLIDE 13

ACCURACY RESULTS OF THE KDD DATASET

SLIDE 14

ACCURACY RESULTS OF THE NSL-KDD DATASET

SLIDE 15

CONCLUSION

  • Find a special feature
  • Reduce the number of features

  • Not reduce the accuracy rate