Analysis And Detection Of Traffic From DOS Attack Tools Using Data Mining
Date
2019-10
Publisher
KNUST
Abstract
There has been a significant increase in the use of the internet over the past 20 years. As of
June 2019, it was estimated that the number of internet users worldwide was over 4.4 billion,
corresponding to about 57% of the world’s population. The increase in the use of and
dependence on the internet has left in its trail a wide variety of vulnerabilities to defend
against. One of the key security concepts that helps to guide cybersecurity policies is
availability. In a computer network, a denial of service prevents users from having access to
resources or services over the network. Denial of service (DoS) attacks are attacks intended
to disrupt the availability of a network infrastructure. In past years, a DoS attack required a lot of
skill and knowledge in networking for an attack to be launched. However, in recent years,
DoS attack tools have been developed by various individuals and groups of people and are
readily available on the internet for free or for a small amount of money. Such tools can be
used by even the least skilled or knowledgeable attacker. This research therefore sought to
develop a defence mechanism against these easy-to-use tools. Attack traffic was captured
from some DoS tools and compared with benign traffic. Based on the differences between the
attack traffic and benign traffic captured, a signature-based detection algorithm based on
a support vector machine (SVM) classifier was proposed. The algorithm was tested using the
Snort IDS tool and the results were compared with some existing DoS defence schemes.
Test results from the algorithm showed the proposed defence mechanism had a high
detection accuracy, low false positive rate and fast detection time.
Description
A THESIS SUBMITTED TO THE DEPARTMENT OF COMPUTER ENGINEERING KWAME NKRUMAH UNIVERSITY OF SCIENCE AND TECHNOLOGY IN PARTIAL FULFILLMENT OF THE REQUIREMENT FOR THE DEGREE MASTER OF PHILOSOPHY COMPUTER ENGINEERING