Detection of DNS DDoS Attacks with Random Forest Algorithm on Spark | Zendy

Liguo Chen | Zendy; Yuedong Zhang | Zendy; Qi Zhao | Zendy; Guanggang Geng | Zendy; Zhiwei Yan | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

Detection of DNS DDoS Attacks with Random Forest Algorithm on Spark

Author(s) -

Liguo Chen,

Yuedong Zhang,

Qi Zhao,

Guanggang Geng,

Zhiwei Yan

Publication year - 2018

Publication title -

procedia computer science

Language(s) - English

Resource type - Journals

SCImago Journal Rank - 0.334

H-Index - 76

ISSN - 1877-0509

DOI - 10.1016/j.procs.2018.07.177

Subject(s) - denial of service attack , computer science , domain name system , server , spark (programming language) , algorithm , robustness (evolution) , computer security , the internet , computer network , world wide web , biochemistry , chemistry , gene , programming language

Domain Name System(DNS) is one of the most foundational and essential services on the Internet, the security and robustness of DNS are of great significance. However, the stable operation of DNS has been threatened by Distributed Denial of Service(DDoS) for quite a long time, especially when the number of registered names of. CN are over 20 million on November 11, 2016. According to our observation, the frequency of volume-based DDoS attacks increased rapidly in recent years, and when the attack happened, not only the authoritative servers were affected, servers of Top Level Domain(TLD) also suffered a lot. In this paper, a model based on Random Forest [1] is applied to traffic classification with an accuracy of 99.2% on Spark. The result shows that the model could be used to deal with large-scale DNS query flows, which is fast enough to be used in practice.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research