JIS Vol. 9 No. 1, January 2018
DDoS Attack Detection Using Heuristics Clustering Algorithm and Naïve Bayes Classification
In recent times, among the multitude of attacks against networked systems, DDoS attacks have emerged as those with the most devastating effects. The main objective of this paper is to propose a system that effectively detects DDoS attacks appearing in any networked system using the clustering technique of data mining followed by classification. The method uses a Heuristics Clustering Algorithm (HCA) to cluster the available data and Naïve Bayes (NB) classification to classify the data and detect attacks based on some network attributes of the data packet. The clustering algorithm is based on an unsupervised learning technique and is sometimes unable to detect some attack instances and a few normal instances; classification is therefore used along with clustering to overcome this problem and to enhance accuracy. Naïve Bayes classifiers rest on very strong independence assumptions and have a fairly simple construction for deriving the conditional probability of each relationship. A series of experiments was performed using “The CAIDA UCSD DDoS Attack 2007 Dataset” and the “DARPA 2000 Dataset”, and the efficiency of the proposed system was tested on the following performance parameters: Accuracy, Detection Rate and False Positive Rate. The results show that the proposed system has enhanced accuracy and detection rate with a low false positive rate.
Cite this paper: Bista, S. and Chitrakar, R. (2018) DDoS Attack Detection Using Heuristics Clustering Algorithm and Naïve Bayes Classification. Journal of Information Security, 9, 33-44. doi: 10.4236/jis.2018.91004.
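The classification and evaluation stages named in the abstract can be sketched as follows. This is an added example, not the authors' code: it implements a Gaussian Naïve Bayes classifier and the three performance parameters with their standard definitions, it does not reproduce the HCA clustering stage (the page does not describe it), and the two flow attributes and all sample values are constructed for illustration.

```python
import math

# Constructed samples: ((packets_per_second, mean_packet_bytes), label).
# Both attributes are hypothetical stand-ins for the paper's packet attributes.
TRAIN = [((40, 600), "normal"), ((55, 640), "normal"), ((35, 580), "normal"),
         ((60, 700), "normal"), ((50, 620), "normal"),
         ((900, 64), "attack"), ((1100, 60), "attack"), ((950, 70), "attack"),
         ((1200, 66), "attack"), ((1000, 62), "attack")]
TEST = [((45, 610), "normal"), ((70, 650), "normal"), ((52, 630), "normal"),
        ((800, 90), "normal"),    # borderline: bursty but legitimate traffic
        ((1050, 64), "attack"), ((980, 68), "attack"), ((1150, 61), "attack"),
        ((100, 500), "attack")]   # borderline: attack flow that resembles normal

def fit(samples):
    """Estimate each class prior and per-attribute mean and variance."""
    model = {}
    for label in sorted({lab for _, lab in samples}):
        rows = [x for x, lab in samples if lab == label]
        stats = []
        for column in zip(*rows):
            mu = sum(column) / len(column)
            # Population variance, with a small floor to avoid division by zero.
            var = sum((v - mu) ** 2 for v in column) / len(column) + 1e-9
            stats.append((mu, var))
        model[label] = (len(rows) / len(samples), stats)
    return model

def predict(model, x):
    """Return the class maximising log P(c) + sum_i log P(x_i | c)."""
    def score(label):
        prior, stats = model[label]
        return math.log(prior) + sum(
            -0.5 * math.log(2 * math.pi * var) - (v - mu) ** 2 / (2 * var)
            for v, (mu, var) in zip(x, stats))
    return max(model, key=score)

def evaluate(model, samples):
    """Compute accuracy, detection rate and false positive rate."""
    counts = {"tp": 0, "tn": 0, "fp": 0, "fn": 0}
    for x, truth in samples:
        hit = predict(model, x) == truth
        if truth == "attack":
            counts["tp" if hit else "fn"] += 1
        else:
            counts["tn" if hit else "fp"] += 1
    tp, tn, fp, fn = (counts[k] for k in ("tp", "tn", "fp", "fn"))
    return {"accuracy": (tp + tn) / len(samples),
            "detection_rate": tp / (tp + fn),
            "false_positive_rate": fp / (fp + tn)}

if __name__ == "__main__":
    print(evaluate(fit(TRAIN), TEST))
```

The two borderline test samples are there to make the metrics informative: one produces a false positive and the other a missed detection, so Detection Rate and False Positive Rate move independently of Accuracy.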
