D M

Analysis of Machine Learning approaches to identifying DDoS & Benign network traffic

Started May 12, 2023

Abstract or project description

DDoS attacks have become an increasingly concerning threat to organizations across the world due to their growing levels of sophistication. The difficulties of analyzing these attacks are detailed, and various machine learning models devised to identify such attacks for mitigation purposes are tested. An overview of the mechanisms by which DDoS attacks are carried out is provided, including: the goals of an attacker; frequently used tactics that intensify the strain an attack places on a network; and the varieties of DDoS attacks designed to exploit various weaknesses in key networking structures at different OSI layers, like the TCP/IP Protocols. Other academic papers with a similar focus on ML approaches to DDoS detection are discussed, indicating the current state of relevant research. Several case studies of real and particularly significant DDoS attacks are outlined. These attacks hit three of the most significant cloud computing services in the world, and nearly brought down systems used by many prominent organizations. A well recognized dataset, CICDDoS2019, is employed for training and testing purposes. A description of how it was generated by University of New Brunswick researchers is given, as well as pertinent visualizations of key features. Machine learning approaches are constructed using Python libraries, code samples are provided, and an evaluation of their relative success rates and merits is presented. Finally, a concluding discussion offers insights on challenges during the research and potential directions for future study.