Detection of Denial of Service Attacks by Using Ensemble Learning Method

In recent years, cyberspace has been filled with cyber attacks such as denial of service (DoS) attacks, information phishing, financial fraud, spam and so on. One of the most common cyber attacks that have caused significant economic damage to the financial infrastructure of different countries is denial of service attacks. As a preventive measure, intrusion detection systems equipped with machine learning classification algorithms have been developed to detect anomalies in network traffic. These classification algorithms, depending on the type of DoS attack, have varying degree of success in detecting these attacks and allow users to effectively identify between normal traffic and malicious DoS traffic. In the proposed approach, three steps are used to identify and classify the most common denial of service attacks. The first step is to pre-process the actual SNMP-MIB dataset to scale the data and delete the defective data. In the second stage, by reducing the number of data set features, only the features of the interface group are used, which leads to a reduction in attack detection time. The results show that using the proposed approach, normal traffic and five DoS attacks can be detected from the MIB-SNMP dataset with 100% accuracy rate. Only the detection accuracy of two attacks, UDP Flood and Slowloris, with 99.87 and 99.94% respectively, had a very small error of detection rate.