Abstract

Data availability is one of the primary principles of information security. Distributed Denial of Service (DDoS) is a typical attack of the DoS family that denies data availability to legitimate users by flooding system resources with huge amounts of network traffic. This quantitative study evaluates SVM kernels for Reflection Amplification DDoS attack detection with different uncorrelated feature subsets. The Support Vector Machine (SVM) classification algorithm is used with the Linear, RBF, Poly, and Sigmoid kernel functions. The research proposes three methods to select uncorrelated feature subsets for SVM classification of DDoS attacks, and runs experiments on Reflection Amplification DDoS attacks from SNMP and DNS datasets. The first proposal selects uncorrelated feature subsets by the Pearson, Spearman, and Kendall correlation methods. In the second proposal, the uncorrelated features common to the three correlation methods are called PSK-uncorrelated feature subsets. In the third proposal, the PSK-uncorrelated features common to the SNMP and DNS datasets are called Reflection_DDoS uncorrelated feature subsets. The SNMP and DNS datasets are collected from the CIC-DDoS2019 evaluation datasets. The experimental results show that, among the SVM kernel functions, the Poly and RBF kernels produce the best classification results, and that, among the three uncorrelated feature subsets, the Pearson uncorrelated feature subset produces the best results.

Keywords: DDoS attack; SVM classification algorithm; Correlation methods
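The three selection steps described above, as an added example that is not code from the paper. The 0.8 cut-off, the greedy first-seen selection order, and the column names and values are assumptions constructed for illustration; SVM training is not covered.

```python
from itertools import combinations
from math import sqrt

def pearson(x, y):
    mx, my = sum(x) / len(x), sum(y) / len(y)
    sxy = sum((a - mx) * (b - my) for a, b in zip(x, y))
    sxx = sum((a - mx) ** 2 for a in x)
    syy = sum((b - my) ** 2 for b in y)
    return sxy / sqrt(sxx * syy) if sxx and syy else 0.0

def ranks(v):
    """1-based ranks; tied values share their average rank."""
    s = sorted(v)
    return [s.index(a) + (s.count(a) + 1) / 2 for a in v]

def spearman(x, y):
    return pearson(ranks(x), ranks(y))

def kendall(x, y):
    """Kendall tau-b; pairs tied in both columns count nowhere."""
    conc = disc = tie_x = tie_y = 0
    for i, j in combinations(range(len(x)), 2):
        dx, dy = x[i] - x[j], y[i] - y[j]
        conc += dx * dy > 0
        disc += dx * dy < 0
        tie_x += dx == 0 and dy != 0
        tie_y += dy == 0 and dx != 0
    denom = sqrt((conc + disc + tie_x) * (conc + disc + tie_y))
    return (conc - disc) / denom if denom else 0.0

def uncorrelated(data, corr, threshold=0.8):  # proposal 1; 0.8 and greedy order assumed
    kept = []
    for name, col in data.items():
        if all(abs(corr(col, data[k])) < threshold for k in kept):
            kept.append(name)
    return kept

def common(first, *others):  # features present in every subset (proposals 2 and 3)
    return [f for f in first if all(f in o for o in others)]

def psk(data, threshold=0.8):  # proposal 2: uncorrelated under all three methods
    return common(*(uncorrelated(data, c, threshold) for c in (pearson, spearman, kendall)))

# Constructed sample flows (hypothetical columns, not CIC-DDoS2019 rows).
PKTS = [1, 2, 3, 4, 5, 6, 7, 8]
SNMP = {"flow_duration": [5, 3, 8, 1, 7, 2, 6, 4], "fwd_pkts": PKTS,
        "fwd_bytes": [60 * p for p in PKTS], "resp_bytes": [3 ** p for p in PKTS]}
DNS = {"flow_duration": PKTS, "fwd_pkts": [2 * p + 1 for p in PKTS],
       "resp_bytes": [4, 1, 3, 8, 2, 7, 5, 6]}
```

In the constructed `SNMP` sample, `resp_bytes` grows monotonically but non-linearly with `fwd_pkts`, so it passes the Pearson filter and fails the Spearman and Kendall filters, and `psk(SNMP)` drops it. `common(psk(SNMP), psk(DNS))` is the third proposal's intersection across the two datasets.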
