Semi-Supervised Machine Learning Approach for DDOS Detection

With the exponential increase in data transmission across computer networks in today's world, identifying and preventing dangerous network use has become a paramount issue for network managers and users alike. The high volume of incoming data inundating the target server in the network, originating from several sources and resulting on server crashes or severe slowdowns, poses a significant challenge in distinguishing between malicious traffic from attackers and legal traffic from users. The reason for this is that the excessive amount of network traffic overwhelms the server, resulting in its failure or significantly reduced performance. Therefore, it is impossible to stop the attack by concentrating on a solitary origin. Denial-of-service (DDOS) attacks may be executed by skilled hackers for cyberwar or financial motives, or by internal users as a casual pastime. A primary issue for security administrators is the potential occurrence of DDoS flooding assaults. In previous studies, researchers have attempted to identify flooding assaults by using approaches that rely on both traits and abnormalities. They faced challenges in determining the characteristics of the assault flow. Furthermore, there is a lack of coordination among the constituent nodes of the cohesive network. Because the address that was widely used was created unlawfully, it was difficult to ascertain the origin of the attack. The assault was of brief duration, leaving just a limited window for a countermeasure. Hence, it is essential to create an anomaly detection system to detect and mitigate distributed denial of service attacks (DDOS) while safeguarding the data of legitimate users. The main objective of this thesis is to devise a method for protecting stored data by categorizing arriving packets and making decisions based on the categorization in line with the outcomes of the categorization process.
To detect distributed denial of service attacks in networks, the suggested intrusion detection solution utilizes the optimum weight of the DLNN. The suggested system utilizes the NSL-Data Set for network intrusion detection. This dataset is appropriate for identifying network intrusions and includes additional attributes. The dataset contains a total of 41 distinct categories of training and testing data, enabling it to accurately identify network assaults.The method is initiated by the training phase, which is then followed by the testing phase. The NSL-Data is collected and undergoes preprocessing before being inputted into the neurons of a Deep Learning Neural Network (DLNN). Preprocessing includes methods like as data normalization, missing value imputation, and the conversion of strings in data sets to numerical values.