Man-in-the-middle and denial of service attacks detection using machine learning algorithms

Abstract

Network attacks (i.e., man-in-the-middle (MTM) and denial of service (DoS) attacks) allow several attackers to obtain and steal important data from physical connected devices in any network. This research used several machine learning algorithms to prevent these attacks and protect the devices by obtaining related datasets from the Kaggle website for MTM and DoS attacks. After obtaining the dataset, this research applied preprocessing techniques like fill the missing values, because this dataset contains a lot of null values. Then we used four machine learning algorithms to detect these attacks: random forest (RF), eXtreme gradient boosting (XGBoost), gradient boosting (GB), and decision tree (DT). To assess the performance of the algorithms, there are many classification metrics are used: precision, accuracy, recall, and f1-score. The research achieved the following results in both datasets: i) all algorithms can detect the MTM attack with the same performance, which is greater than 99% in all metrics; and ii) all algorithms can detect the DoS attack with the same performance, which is greater than 97% in all metrics. Results showed that these algorithms can detect MTM and DoS attacks very well, which is prompting us to use their effectiveness in protecting devices from these attacks.