Contribution Details
Type | Master's Thesis |
Scope | Discipline-based scholarship |
Title | DDoSGrid-Mining: Analyzing and Classifying DDoS Attack Traffic |
Organization Unit | |
Authors |
|
Supervisors |
|
Language |
|
Institution | University of Zurich |
Faculty | Faculty of Business, Economics and Informatics |
Date | 2021 |
Abstract Text | DDoSGrid was created to aid in analyzing and detecting ever-increasing Distributed Denial of Service (DDoS) attacks after the fact. It is a research-oriented, extensible platform that provides visualizations for analyzed traffic logs and lets a user configure dashboards using these visualizations. Until now, however, this analysis and attack-type detection was performed manually: a user looked at visualizations and metrics and made an informed decision on which attack vectors could have been used in an attack. This thesis expands on the basic idea of DDoSGrid by conceptualizing and implementing an extension that allows machine-learning-based attack-type classification of the uploaded data sets. In addition to the feature extractors that DDoSGrid already provides, a new extractor is created that produces time-window-based features of the traffic log. These logs can be manually classified and then added to a machine learning model to create a true data set. This model is then used to automatically classify new data sets using different classification algorithms, in order to obtain an attack-type analysis of the traffic log. The solution was evaluated using well-established techniques and proved to be quite effective, both in terms of performance and accuracy, performing comparably to, or in some cases better than, the existing literature. |