Detection of denial of service using a cascaded multi-classifier Online publication date: Thu, 12-Aug-2021
by Avneet Dhingra; Monika Sachdeva
International Journal of Computational Science and Engineering (IJCSE), Vol. 24, No. 4, 2021
Abstract: The paper proposes a cascaded multi-classifier two-phase intrusion detection (TP-ID) approach that can be trained to monitor incoming traffic for any suspicious data. It addresses the issue of efficient detection of intrusion in traffic and further classifies the suspicious traffic as a DDoS attack or flash event. Features portraying the behaviour of normal, DDoS attack, and flash event are extracted from historical data obtained after merging CAIDA'07, SlowDoS2016, CIC-IDS-2017, and WorldCup 1998 benchmark datasets available online along with the commercial dataset for e-shopping assistant website. Information gain is applied to rank and select the most relevant features. TP-ID applies supervised learning algorithms in the two phases. Each phase tests the set of classifiers, the best of which is chosen for building a model. The performance of the system is evaluated using the detection rate, false-positive rate, mean absolute percentage error, and classification rate. The proposed approach classifies the traffic anomalies with a 99% detection rate, 0.43% FPR, and 99.51% classification rate.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Computational Science and Engineering (IJCSE):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com