Path: Top -> Journal -> International Journals -> King Saud University -> 2021 -> Volume 33, Issue 4, May
Clustering based semi-supervised machine learning for DDoS attack classification
By: Muhammad Aamir, Syed Mustafa Ali Zaidi, King Saud University
Created: 2022-02-12, with 0 files
Keyword : Clustering, DDoS attacks, Machine learning, Semi-supervised
Url : http://www.sciencedirect.com/science/article/pii/S131915781831067X
Document source: web
Semi-supervised machine learning can be used for obtaining subsets of an unlabeled or partially labeled dataset based on the applicable metrics of dissimilarity. At a later stage, the data is completely assigned labels as per the observed differentiation. This paper provides a clustering-based approach to distinguish the data representing flows of network traffic which include both normal and Distributed Denial of Service (DDoS) traffic. The features are taken for victim-end identification of attacks, and the work is demonstrated with three features which can be monitored at the target machine. The clustering methods include agglomerative and K-means with feature extraction under Principal Component Analysis (PCA). A voting method is also proposed to label the data and obtain classes to distinguish attacks from normal traffic. After labeling, the supervised machine learning algorithms k-Nearest Neighbors (kNN), Support Vector Machine (SVM) and Random Forest (RF) are applied to obtain the trained models for future classification. In the experimental results, the kNN, SVM and RF models provide 95%, 92% and 96.66% accuracy scores respectively under optimized parameter tuning within given sets of values. In the end, the scheme is also validated using a subset of a benchmark dataset with new vectors of attack.
Property | Property Value |
---|---|
Publisher ID | gdlhub |
Organization | King Saud University |
Contact Name | Herti Yani, S.Kom |
Address | Jln. Jenderal Sudirman |
City | Jambi |
Region | Jambi |
Country | Indonesia |
Telephone | 0741-35095 |
Fax | 0741-35093 |
Administrator E-mail | elibrarystikom@gmail.com |
CKO E-mail | elibrarystikom@gmail.com |
Contributors:
- Editor: Calvin