Show simple item record

dc.contributor.advisorAlhajj, Reda
dc.contributor.authorGupta, Animesh
dc.date2018-09
dc.date.accessioned2018-08-08T19:57:19Z
dc.date.available2018-08-08T19:57:19Z
dc.date.issued2018-07-30
dc.identifier.citationGupta, A. (2018). Distributed Denial of Service Attack Detection Using a Machine Learning Approach (Unpublished master's thesis). University of Calgary, Calgary, AB doi:10.11575/PRISM/32797en_US
dc.identifier.urihttp://hdl.handle.net/1880/107615
dc.description.abstractA distributed denial of service (DDoS) attack is a type of cyber-attack in which the perpetrator aims to deny the services on a network/server by inundating the traffic on the network/server by superfluous requests which renders it incapable to serve requests from legitimate users. According to Corero Network Security (A DDoS protection and mitigation provider), in Q3 2017, organizations around the world experienced an average of 237 DDoS attack attempts per month, which averages to 8 DDoS attacks every day. This was a 35% increase over Q2 that year and a staggering 91% increase over Q1. According to another research by Incapsula, a DDoS attack costs an average of $40,000 per hour to businesses. There are commercially available software which detect and mitigate a DDoS attack, but the high cost of these software makes them hard to afford for small and mid-scale businesses. The proposed work aims to fill this gap by providing real time open-source robust web application for DDoS attack prediction which can be used by small to mid-scale industries to keep their networks and servers secure from malicious DDoS attacks. A Machine Learning approach is used to employ a window-based technique to predict a DDoS attack in a network with a maximum accuracy of 99.83%, if the recommended combination of feature selection and classification algorithm is chosen. The choice of both feature selection and classification algorithm is left to the user. One of the feature selection algorithms is the novel Weighted Ranked Feature Selection(WRFS) algorithm which performs better than other baseline approaches in terms of accuracy of detection and the overhead to build the model. Once the selection is made, the web application connects to the socket and starts capturing and classifying real-time network traffic. After the capture is stopped, information about attack instances (if any), number of attack packets, confusion matrix is rendered to the client using dynamic charts. The trained model used for classifying real-time packets is optimized and uses only enough attributes from the incoming packet which are necessary to successfully predict the class of that packet with high accuracy.en_US
dc.language.isoeng
dc.rightsUniversity of Calgary graduate students retain copyright ownership and moral rights for their thesis. You may use this material in any way that is permitted by the Copyright Act or through licensing that has been assigned to the document. For uses that are not allowable under copyright legislation or licensing, you are required to seek permission.
dc.subject.classificationComputer Scienceen_US
dc.titleDistributed Denial of Service Attack Detection Using a Machine Learning Approach
dc.typemaster thesis
dc.publisher.facultyGraduate Studies
dc.publisher.facultyScience
dc.publisher.institutionUniversity of Calgaryen
dc.identifier.doihttp://dx.doi.org/10.11575/PRISM/32797
thesis.degree.nameMaster of Science
thesis.degree.nameMS
thesis.degree.nameMSc
thesis.degree.disciplineComputer Science
thesis.degree.grantorUniversity of Calgary
dc.contributor.committeememberRokne, Jon
dc.contributor.committeememberMoshirpour, Mohammad
dc.publisher.placeCalgaryen
ucalgary.item.requestcopytrue


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record

University of Calgary graduate students retain copyright ownership and moral rights for their thesis. You may use this material in any way that is permitted by the Copyright Act or through licensing that has been assigned to the document. For uses that are not allowable under copyright legislation or licensing, you are required to seek permission.