
DDoS Attacks Classification using SVM
Author(s) - Vanya Ivanova, Tasho Tashev, Ivo Draganov
Publication year - 2022
Publication title - WSEAS Transactions on Information Science and Applications
Language(s) - English
Resource type - Journals
eISSN - 2224-3402
pISSN - 1790-0832
DOI - 10.37394/23209.2022.19.1
Subject(s) - denial of service attack, support vector machine, computer science, artificial intelligence, network packet, binary classification, multiclass classification, pattern recognition (psychology), machine learning, sigmoid function, artificial neural network, precision and recall, data mining, the internet, computer security, operating system
This paper presents two types of classifiers for Distributed Denial of Service (DDoS) attacks based on Support Vector Machines: a binary one and a multiclass one. They use numerical samples aggregated from packet-switched network connection records captured between attacking machines (most typically IoT bots) and a victim machine. Ten of the most popular DDoS attacks are studied and represented as either 10- or 8-feature vectors. Detection rate and classification accuracy are measured in both cases, along with other parameters such as Precision, Recall, F1-measure, and training and testing time, among others. Variations of the SVM with Linear, Polynomial, RBF and Sigmoid kernels are tried. The most accurate turns out to be the RBF SVM, both as a detector and as a multiclass classifier, achieving classification accuracy as high as 0.9999 for some of the attacks. Testing times reveal the practical fitness of the implemented classifiers for real-world application.