ARTP: Anomaly based real time prevention of Distributed Denial of Service attacks on the web using machine learning approach

Abstract

Distributed Denial of Service (DDoS) attack is one of the most destructive internet network attacks, denying legitimate users access to resources and networks by maliciously blocking available computing resources. Intruders send a large number of packets to the network in order to create a crowding effect. Unlike a Denial of Service (DoS) attack, where a single compromised source generates all of the traffic, a Distributed Denial of Service (DDoS) attack generates traffic from multiple compromised nodes spread across multiple geographies. To address the challenges posed by the Distributed Denial of Service (DDoS) attack, several researchers proposed a variety of solutions for early detection and prevention of the attack. Effective solutions for the prevention and early detection of Distributed Denial of Service (DDoS) attacks, on the other hand, have yet to be developed, and the problem remains a prominent research focus area. This paper tries to present a novel and optimal solution for detecting Distributed Denial of Service (DDoS) attacks on internet networks more quickly and accurately. The proposed model is an anomaly-based real-time prevention model for web networks. The model is based on machine learning principles and can effectively counter new types of Distributed Denial of Service (DDoS) attacks. To demonstrate the efficiency, accuracy, model robustness, and relative of the proposed model, a simulation study was run on an LLDOS session log, and the results indicated that the model performed better than benchmark models found in the literature.