Abstract

Distributed denial of service (DDoS) is a structured network attack coming from various sources and fused to form a large packet stream. DDoS packet stream pattern behaves as normal packet stream pattern and very difficult to distinguish between DDoS and normal packet stream. Network packet classification is one of the network defense system in order to avoid DDoS attacks. Artificial Neural Network (ANN) can be used as an effective tool for network packet classification with the appropriate combination of numbers hidden layer neuron and training functions. This study found the best classification accuracy, 99.6% was given by ANN with hidden layer neuron numbers stated by half of input neuron numbers and twice of input neuron numbers but the number of hidden layers neuron by twice of input neuron numbers gives stable accuracy on all training function. ANN with Quasi-Newton training function doesn’t much affected by variation on hidden layer neuron numbers otherwise ANN with Scaled-Conjugate and Resilient-Propagation training function.

Highlights

  • Distributed denial of service (DDoS) is a structured network attack coming from various sources and fused to form a large packet stream

  • The number of hidden layers neuron by 2n gives stable accuracy on all training function, as compared to Kolmogorov's theory that stated the best number of hidden layer neurons to solve Artificial Neural Network (ANN) problem is 2n + 1 which produce accuracy value that tends to be low on this experiments

  • Artificial neural network can be used as an effective tool for network packet classification with the appropriate combination hidden layer and training functions

Read more

Summary

INTRODUCTION

Distributed denial of service (DDoS) is a structured network attack coming from various sources and fused to form a large packet stream. Network packet classification can be carried out by utilizing Artificial Neural Network (ANN) method. Network packet classification for DDoS attacks detection in TOR network using ANN carried on research [5] by utilizing optimization of a sinusoidal function as a feature extractor of the network packet. ANN used in [6] with ResilientBackpropagation function combined with the ensemble of classifier outputs method and Neyman-Pearson cost minimization strategy for detection of DDoS attack based on DARPA and KDDCUP datasets. Research [7] adopted the ANN method to detect DDoS attacks based on darknet traffic. Research [9] proved that the ANN method can be used to detect a new type of DDoS attack, in Hadoop and HBase environment. DDoS dataset published by the Center for Applied Internet Data Analysis (CAIDA) and network normal dataset published by Ahmad Dahlan University Networks Laboratory are used in this study

PACKET CLASSIFICATION APPROACH
Network Packet Features
Training Function
ANN Layer Scheme
Comparison Parameters
RESULT
Accuracy
Mean-Squared Error
Iteration
Findings
FUTURE WORK AND CONCLUSION

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.