
Detecting The Intensity of Denial-of-Service Cyber Attacks using Supervised Machine Learning

Denial-of-Service (DoS) attacks are aimed at shutting a machine or network down to block users from accessing it. These attacks can be difficult to detect and can cost millions in damages or lost earnings. Since the first DoS attack occurred in 1999, the way DoS attacks have been launched has become more complicated, making them more elusive and harder to detect. The first step to detect and mitigate a DoS attack is for a system to identify the malicious traffic.
In this experiment, we aim to identify the malicious traffic within ten seconds. To do this, the project was divided into 3 phases: data collection, feature extraction and construction of classification models. The first phase was to collect malicious and legitimate data using Wireshark. The second phase of the project was to convert the PCAP files into features that are meaningful and easy to read. The third phase of the project was the construction of classification models. We used the Naïve Bayes and decision tree classification models to identify malicious traffic data and differentiate it from legitimate traffic data. This approach yielded an F1 score average of 92% in detecting DoS attacks and an F1 score accuracy range of 37% to 71% to accurately determine the intensity of the DoS attack, a reasonable accuracy for this problem. These results show that it is possible not only to detect DoS attacks, but also to determine the intensity of such attacks with a reasonable accuracy.

Identifier: oai:union.ndltd.org:ETSU/oai:dc.etsu.edu:honors-1867
Date: 01 May 2022
Creators: Hubbard, Abigail
Publisher: Digital Commons @ East Tennessee State University
Source Sets: East Tennessee State University
Detected Language: English
Type: text
Format: application/pdf
Source: Undergraduate Honors Theses
Rights: Copyright by the authors., http://creativecommons.org/licenses/by-nc-nd/3.0/
