Abstract

In recent years, computer networks have become more and more advanced in terms of size, applications, complexity and level of heterogeneity. Moreover, availability and performance are important issues for end users. New types of cyber-attacks that can affect and damage network performance and availability are constantly emerging, and some threats, such as Distributed Denial of Service (DDoS) attacks, can be very dangerous and cannot be easily prevented. In this study, we present a novel hybrid approach to detecting a DDoS attack by monitoring abnormal traffic in the network. The approach reads traffic data and builds a model from it; the model predicts future data, and the predictions are compared with observed data in order to detect any abnormal traffic. The approach combines two methods: traffic prediction and change detection. To the best of our knowledge, such a combination has never been used in this area before. The approach achieved a highly significant accuracy rate of 98.3% and sensitivity was 100%, which means that all potential attacks are detected and prevented from penetrating the network system.

Highlights

  • The back propagation learning algorithm is used for the training stage of the ANNARX to reduce the convergence error

Summary

Introduction

With the increasingly rapid development of the digital world of information transmission and communication technology and with the adoption of such technology globally by individuals, institutions, governments and generally all sectors of society, the extensive availability of open source programs and management tools fosters a constant threat of cyberattacks, hacking and breaches of network security. Although security specialists proclaim that there is no "magic wand" that can be waved to instantly protect data on the Internet, effective actions can still be taken to prevent attacks on network security systems. Traffic analysis has emerged as a promising approach to improving data protection. Traffic analysis is the process of monitoring, reviewing, modelling and analyzing traffic in a specific node or an entire network to assess the network performance and security effectiveness. Simple Network Management Protocol (SNMP-MIB) is used as a data source in different scenarios that represent the most frequent and common types of attack encountered in real network operations.
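The abstract describes fitting a model to traffic data, predicting the next observation, and flagging departures between predicted and observed values. The following is an added example, not code from the paper: it assumes a linear AR(1) predictor in place of the ANNARX model, a one-sided CUSUM as the change detector, and a constructed packet-rate series in place of SNMP-MIB data.

```python
import math

# Assumptions (not from the paper): a linear AR(1) predictor stands in for the
# ANNARX model, a one-sided CUSUM stands in for the change detector, and the
# packet-rate samples are constructed, not measured SNMP-MIB counters.
CYCLE = [0, 14, 20, 14, 0, -14, -20, -14]   # constructed periodic variation

def make_series(n, onset=None, ramp=6):
    """Constructed packets/s series; from `onset` a flood adds `ramp` more per sample."""
    xs = [1000 + CYCLE[i % 8] for i in range(n)]
    if onset is not None:
        for i in range(onset, n):
            xs[i] += ramp * (i - onset + 1)
    return xs

def fit_ar1(train):
    """Least-squares fit of x[t] = c + a*x[t-1]; returns (a, c, residual std)."""
    prev, cur = train[:-1], train[1:]
    mp, mc = sum(prev) / len(prev), sum(cur) / len(cur)
    cov = sum((p - mp) * (q - mc) for p, q in zip(prev, cur))
    a = cov / sum((p - mp) ** 2 for p in prev)
    c = mc - a * mp
    sq_err = sum((q - (c + a * p)) ** 2 for p, q in zip(prev, cur))
    return a, c, math.sqrt(sq_err / len(prev))

def first_alarm(series, n_train, k=0.5, h=5.0):
    """Train on series[:n_train], then run CUSUM over standardized prediction
    errors. Returns the index of the first alarm, or None if none is raised."""
    a, c, sigma = fit_ar1(series[:n_train])
    s = 0.0
    for i in range(n_train, len(series)):
        z = (series[i] - (c + a * series[i - 1])) / sigma  # observed vs predicted
        s = max(0.0, s + z - k)    # accumulate only sustained upward drift
        if s > h:
            return i
    return None

if __name__ == "__main__":
    print("clean :", first_alarm(make_series(113), 65))
    print("attack:", first_alarm(make_series(113, onset=89), 65))
```

The slack `k` and threshold `h` are in units of the training residual standard deviation; raising `h` trades detection delay for fewer false alarms on normal variation.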
