Abstract

Next-generation firewalls play a major part in securing network environments in industry. Such a device monitors all traffic entering or leaving the network. Even with these security devices in place, attackers can still perform various kinds of attacks on the network. A DDoS attack is one of the hardest attacks to identify: it sends packets to the network that look like normal traffic but act as DDoS traffic. In this paper we used a binary decision tree, XGBoost and a support vector machine to identify DDoS attack traffic patterns from different features in the packet header. Data is fetched from the packet header, and among these the standard deviation of the packet bytes and packet flows are the features considered. We applied this data to the trained dataset. The algorithm predicts whether the traffic coming into the network is trusted or not. Of the three algorithms, the binary decision tree gives 99 percent accuracy and predicts the data as fast as possible. The priority here is to filter DDoS attacks of any security level at the line speed of the NIDS or any other appliance. This method of DDoS attack detection adds an extra layer of security to the next-generation firewall, making the firewall more robust.
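The following sketch is an added example, not code from the paper: it derives two per-window header features (standard deviation of packet bytes and the number of distinct flows) and fits a small binary decision tree with Gini splits. The window layout, the interpretation of "packet flows" as a distinct source/destination count, the synthetic traffic and all function names are assumptions made for illustration.

```python
import random
from statistics import pstdev

def window_features(packets):
    # packets: (src, dst, length) tuples from one time window (assumed layout)
    if not packets:
        return (0.0, 0.0)
    flows = {(p[0], p[1]) for p in packets}
    return (pstdev([p[2] for p in packets]), float(len(flows)))

def gini(labels):
    p = sum(labels) / len(labels)
    return 2 * p * (1 - p)

def build_tree(rows, labels, depth=0, max_depth=3):
    majority = round(sum(labels) / len(labels))
    if depth == max_depth or len(set(labels)) == 1:
        return majority                      # leaf: 1 = DDoS, 0 = trusted
    best = None
    for f in range(len(rows[0])):
        vals = sorted({r[f] for r in rows})
        for a, b in zip(vals, vals[1:]):
            t = (a + b) / 2                  # midpoint threshold between samples
            left = [i for i, r in enumerate(rows) if r[f] <= t]
            right = [i for i, r in enumerate(rows) if r[f] > t]
            score = (len(left) * gini([labels[i] for i in left]) +
                     len(right) * gini([labels[i] for i in right]))
            if best is None or score < best[0]:
                best = (score, f, t, left, right)
    if best is None:                         # no feature separates the rows
        return majority
    _, f, t, left, right = best
    sub = lambda idx: build_tree([rows[i] for i in idx],
                                 [labels[i] for i in idx], depth + 1, max_depth)
    return (f, t, sub(left), sub(right))

def predict(tree, row):
    while isinstance(tree, tuple):
        f, t, low, high = tree
        tree = low if row[f] <= t else high
    return tree

def synthetic_window(rng, attack):
    # Constructed traffic: the flood uses near-constant sizes from many sources
    if attack:
        return [(f"10.0.{rng.randrange(256)}.{rng.randrange(256)}", "192.0.2.10",
                 rng.choice([60, 64])) for _ in range(400)]
    return [(f"198.51.100.{rng.randrange(20)}", "192.0.2.10",
             rng.randrange(60, 1500)) for _ in range(120)]

def train_demo(seed=1):
    rng = random.Random(seed)
    labels = [i % 2 for i in range(40)]
    rows = [window_features(synthetic_window(rng, y)) for y in labels]
    return build_tree(rows, labels)
```

Prediction is a handful of threshold comparisons per window, which is why a shallow tree suits inline filtering; real traffic will not separate as cleanly as this constructed data.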
