Linear Regression Based DDoS Attack Detection

Sakil Barbhuiya, Peter Kilpatrick, Dimitrios S. Nikolopoulos

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Citations (Scopus)

Abstract

DDoS attacks are increasing alongside the growth of web-based services. Existing research proposes a number of anomaly-based techniques which analyse network traffic to detect such attacks. However, these techniques typically raise a number of false positives, specifically due to the occurrence of spikes in the network traffic, which must be distinguished from genuine attacks. To reduce such false positives, we propose a linear regression based DDoS attack detection technique, which is based on the hypothesis that there is a positive correlation between the average and the standard deviation of the network throughput in a window-based time series, and that this correlation is affected by DDoS attacks. We evaluate the performance of the proposed technique by running experiments on real-world network traffic and the CAIDA DDoS attack 2007 dataset. We also compare the proposed technique against average-based and entropy-based one-class classification techniques, which represent the state-of-the-art linear classification techniques to detect DDoS attacks. Evaluation results demonstrate that the proposed linear regression based technique reduces the false positives significantly while maintaining the accuracy of attack detection.
Original language: English
Title of host publication: ICMLC 2021: 2021 13th International Conference on Machine Learning and Computing
Publisher: Association for Computing Machinery
ISBN (Electronic): 978-1-4503-8931-0
Publication status: Published - 26 Feb 2021

Publication series

Name: 2021 13th International Conference on Machine Learning and Computing
Publisher: ACM
