Real-Time Network Data Capturing Using Attack Generators and Data Processing Method

Abstract

Nowdays, use of the Internet for transaction of knowledge is very common. The end users who are accessing Internet or system are vulnerable to malicious user attacks which results in legitimate user being prevented from accessing the websites. Recently, there are several methods presented for application layer DDoS attacks by considering the different properties of attacks. However, most of the methods suffered from the poor accuracy performance of DDoS attack detection at the application layer. Hence, DDoS attacks have been low volume and act on its own as a legitimate transaction on layer seven means application layer hence such attacks are not detected easily by IDS (Intrusion Detection Systems) or firewall systems. We believe that the accuracy and efficiency of attacks detection are based on correctness of capture data traffic. In state-of-the-art methods, there is no provision to remove the noisy data from the capture logs and hence leads to incorrect detection results. In this paper, we presented the real-time computer networks data capturing for normal as well as attack infected traffics, then designed the preprocessing algorithm to remove irrelevant data to optimize the attack detection performance. In this architecture, we use LOIC DDoS attack generator tool to create attack at packet capturing time and also use KDD cup data set for other attacks trace such as DoS, R2L, L2R, Probe, etc., of the communication network. The experimental results show that proposed data preprocessing method is easy and efficient as compared to state-of-the-art solutions.