An approach to on-stream DDoS blitz detection using machine learning algorithms

Distributed Denial of service (DDoS) attacks is an enormous threat to today's cyber world, cyber networks are compromised by the attackers to distribute attacks in a large volume by denying the service to legitimate users. The toughest and challenging task in today's network and network security engineers is to identify compromised traffic (attacked) and legitimate (normal) traffic. The main goal of the paper is to detect DDos attacks using classification algorithms. To achieve the goal the proposed system uses attacking tool to initiate attacks using Loic attacking tool with the data set extracted from open source tool Wireshark and transferring the dataset to apache Spark for detection analysis. The system also uses Apache spark machine learning algorithms (MLib), classification algorithms to classify the dataset. We use Naive Bayes, KNN and Random forest classification algorithms to classify normal traffic and attacked traffic. Our system is capable of detecting attacks with respect to any traffic protocols ICMP, TCP, or UDP. The accuracy of detection is compared on three classification algorithms and noted that random forest gives the accuracy of 96.75%. © 2021