An Approach to Detect DDoS Attacks in Application Layer using Machine Learning

---

Abstract

A common machine learning paradigm is ensemble learning that has shown obvious benefits in a variety of applications. In the sense of machine learning, an ensemble is a machine learning system that is built with a grouping of different models that operate in parallel and whose outputs are combined with a decision fusion strategy to generate a single response for a given problem. DDoS (Distributed Denial of Service) attacks on the application layer have boosted the effectiveness of traditional flooding-based DDoS attacks, posing a growing threat to the Internet-based web services are available. These attacks can inflict comparable damage as their lower-layer counterparts while using a smaller number of attacking assets. HTTP, as the most widely used protocol on the Internet, is a popular target of getting flooding attacks, which are used in a variety of application-layer DDoS attacks. We have suggested an alternative in this paper with an ensemble approach and compared the results by adopting machine learning base classifiers namely KNearest Neighbors, Logistic Regression, Support Vector Machine, GB Naïve Bayes, and SOM to detect the DDoS accuracy and after that, we have used different ensemble learning method namely Bagging, Random forest, Extra Tree classifier, Voting Ensemble technique, Stochastic Gradient Boosting and Boosting to detect the DDoS accuracy. According to our findings, the ensemble approach in machine learning providing better results in terms of accuracy.

---

Keywords

Internet of Things (IoT), HTTP, Network Security, DDoS, Machine Learning