An Ensemble Framework for Flow-Based Application Layer DDoS Attack Detection Using Data Mining Techniques

Abstract

The large number of requests flow exceeds the capacity of the target server drives to denial in the service to the legitimate users. Due to the server’s oversized prospective, the flooding requests increase the server capacity generated by the malicious attackers from distributed environment defining the distributed denial of service attack. From the contemporary literature it is evident that applying the knowledge gained from the findings of previous request distributions is a suitable strategy to block the DDoS attacks. This strategy’s key limitation is frisking to detect the new patterns of request flooding excavated by the attacker at the server from the previous knowledge on earlier attack distributions patterns. Therefore, this paper explains a novel trained ensemble classifier with new features which reflects in the traffic flow properties, so that, the traffic flow shows distribution diversity from each other which is considered and attached to individual classifiers. Ensemble classifier and AdaBoost are used to detect the flow by discovering the distribution resemblance involved in the multiple classifiers in the ensemble classification model. The experiment worked out on the voluminous traffic flow with visible distribution variety.