Pablo Rivas, C. DeCusatis, Matthew Oakley, Alex Antaki, Nicholas Blaskey, S. LaFalce, Stephen Stone
{"title":"Machine Learning for DDoS Attack Classification Using Hive Plots","authors":"Pablo Rivas, C. DeCusatis, Matthew Oakley, Alex Antaki, Nicholas Blaskey, S. LaFalce, Stephen Stone","doi":"10.1109/UEMCON47517.2019.8993021","DOIUrl":null,"url":null,"abstract":"Cyberattacks have been on the increase as computing power and data storage have become more accessible. The use of recent advances in machine learning across different fields has increased the potential adoption of new algorithms in solving important technological problems. In this paper we describe a novel application of machine learning for the detection and classification of distributed denial of service (DDoS) cybersecurity attacks. Attack pattern training data is obtained from honeypots which we created to impersonate various APIs on a cloud computing network. Attack characteristics including source IP address, country of origin, and time of attack are collected from our honeypots and visualized using a three-axis hive plot. We then implemented and trained a non-probabilistic binary linear attack pattern classifier. A support vector machine and a convolutional neural network were trained using a supervised learning model with labeled data sets. Experimental results suggest that our models can detect DDoS attacks with high accuracy rates.","PeriodicalId":187022,"journal":{"name":"2019 IEEE 10th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON)","volume":"60 ","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 10th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/UEMCON47517.2019.8993021","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 8
Abstract
Cyberattacks have been on the increase as computing power and data storage have become more accessible. The use of recent advances in machine learning across different fields has increased the potential adoption of new algorithms in solving important technological problems. In this paper we describe a novel application of machine learning for the detection and classification of distributed denial of service (DDoS) cybersecurity attacks. Attack pattern training data is obtained from honeypots which we created to impersonate various APIs on a cloud computing network. Attack characteristics including source IP address, country of origin, and time of attack are collected from our honeypots and visualized using a three-axis hive plot. We then implemented and trained a non-probabilistic binary linear attack pattern classifier. A support vector machine and a convolutional neural network were trained using a supervised learning model with labeled data sets. Experimental results suggest that our models can detect DDoS attacks with high accuracy rates.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
