Evaluation of DDoS attacks Detection in a New Intrusion Dataset Based on Classification Algorithms

  • Amer A. Abdulrahman baghdad university
  • Mahmood K. Ibrahem
Keywords: Anomaly detection system, DDoS attack, CICIDS 2017 dataset, Feature selection


Intrusion detection system is an imperative role in increasing security and decreasing the harm of the computer security system and information system when using of network. It observes different events in a network or system to decide occurring an intrusion or not and it is used to make strategic decision, security purposes and analyzing directions. This paper describes host based intrusion detection system architecture for DDoS attack, which intelligently detects the intrusion periodically and dynamically by evaluating the intruder group respective to the present node with its neighbors. We analyze a dependable dataset named CICIDS 2017 that contains benign and DDoS attack network flows, which meets certifiable criteria and is openly accessible. It evaluates the performance of a complete arrangement of machine learning algorithms and network traffic features to indicate the best features for detecting the assured attack classes. Our goal is storing the address of destination IP that is utilized to detect an intruder by method of misuse detection.