New research has unveiled promising developments in the detection and classification of Distributed Denial of Service (DDoS) attacks through the application of advanced machine learning techniques.
This breakthrough comes at a critical time as cybersecurity threats continue to evolve and pose significant challenges to network infrastructure worldwide.
DDoS attacks are malicious attempts to disrupt the normal functioning of a target server by overwhelming it with a flood of Internet traffic.
These attacks often utilize multiple compromised computers or IoT devices to amplify their impact, making them particularly difficult to mitigate.
Cybersecurity analysts from East West University and International University of Business Agriculture and Technology observed that the study focuses on two primary machine learning approaches to detect and classify modern DDoS attacks:
- Logistic Regression
- Support Vector Machine (SVM)
These methods were applied to a comprehensive dataset containing 27 attributes and over 1 million records, representing various types of network traffic, including normal flows and different DDoS attack patterns.
Both the Logistic Regression and SVM models achieved an impressive classification accuracy of 98.65%, outperforming previously tested methods on the same dataset.
Technical Analysis
The models demonstrated high precision and recall rates for most attack types.
However, the SIDDOS (SQL Injection DDoS) attack showed lower recall rates, indicating an area for potential improvement.
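The following added example (not code or data from the study) shows how a very high overall accuracy can coexist with weak recall on a rare class such as SIDDOS, and how a per-class check surfaces it. The confusion counts and the "OtherDDoS" class name are constructed for illustration.

```python
from collections import Counter

# Constructed confusion counts: (true label, predicted label) -> number of flows.
# All counts and the "OtherDDoS" label are illustrative, not the study's results.
CONSTRUCTED_COUNTS = {
    ("Normal", "Normal"): 8990, ("Normal", "OtherDDoS"): 10,
    ("OtherDDoS", "OtherDDoS"): 890, ("OtherDDoS", "Normal"): 10,
    ("SIDDOS", "SIDDOS"): 60, ("SIDDOS", "Normal"): 40,
}

def expand(counts):
    """Turn confusion counts into parallel true/predicted label lists."""
    y_true, y_pred = [], []
    for (t, p), n in counts.items():
        y_true += [t] * n
        y_pred += [p] * n
    return y_true, y_pred

def accuracy(y_true, y_pred):
    """Fraction of flows whose predicted label matches the true label."""
    return sum(t == p for t, p in zip(y_true, y_pred)) / len(y_true)

def per_class_metrics(y_true, y_pred):
    """Return {label: (precision, recall)} for every label seen."""
    tp = Counter(t for t, p in zip(y_true, y_pred) if t == p)
    actual, predicted = Counter(y_true), Counter(y_pred)
    out = {}
    for label in sorted(set(actual) | set(predicted)):
        prec = tp[label] / predicted[label] if predicted[label] else 0.0
        rec = tp[label] / actual[label] if actual[label] else 0.0
        out[label] = (prec, rec)
    return out

def weak_classes(metrics, min_recall=0.9):
    """Labels whose recall is below the floor, i.e. attack traffic being missed."""
    return [lbl for lbl, (_, rec) in metrics.items() if rec < min_recall]

if __name__ == "__main__":
    yt, yp = expand(CONSTRUCTED_COUNTS)
    m = per_class_metrics(yt, yp)
    print(f"accuracy={accuracy(yt, yp):.4f}")
    for lbl, (prec, rec) in m.items():
        print(f"{lbl:10s} precision={prec:.3f} recall={rec:.3f}")
    print("below recall floor:", weak_classes(m))
```

Because the rare class contributes few flows, its misses barely move the headline accuracy, which is why per-class recall should be reviewed before a classifier like this is relied on for alerting.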
This research represents a significant step forward in the automated detection of DDoS attacks. The high accuracy and ability to classify multiple attack types suggest that these machine learning models could be valuable tools for network administrators and security professionals.
The researchers plan to expand their work by:
- Incorporating additional datasets to classify new types of DDoS attacks
- Refining the models to improve detection of SIDDOS attacks
- Exploring hybrid machine learning approaches for enhanced performance
As DDoS attacks continue to evolve, this research paves the way for more robust and adaptive defense mechanisms, potentially revolutionizing the field of network security.