The Neural Network Model of DDoS Attacks Identification for Information Management
2019
The paper discusses the concept and problem of identifying DDoS attacks for information management. The main starting mechanisms and types of DDoS attacks are analyzed. To identify them, signature and behavioral methods of analyzing network traffic are used. Analysis of the advantages and disadvantages of these methods actualized the need for their combined use. To detect and classify DDoS attacks, the need to develop and use a neural network model has been updated. The training and testing of the model were made on the initial data from the NSL-KDD set. All lines in this set are represented as sequences of TCP packets, UDP packets, and ICMP packets of network traffic transmitted from the source of the attack to the attacked network node. The total sample size was 8067 lines. Of these, half of the data corresponded to DDoS attacks, and the rest of the data characterized clear connections. The Deductor modelling environment was used to build the neural network model. The constructed neural network model was a single-layer perceptron with 11 input neurons, 23 hidden neurons and 1 output neuron. The accuracy of the constructed model was calculated based on contingency tables. The accuracy of the initial data classification at the training stage was 97.94%. The classification accuracy at the testing stage was 97.87%. To assess the quality of the neural network model, the errors of the first (0.93%) and second (3.3%) type are calculated. Testing the model showed good results since almost all DDoS attacks were successfully classified. Thus, the neural network model for detecting DDoS attacks has successfully solved the task of identifying and classifying malicious network connections.
Keywords:
- Correction
- Source
- Cite
- Save
- Machine Reading By IdeaReader
0
References
1
Citations
NaN
KQI