CSI4900 Project, DDoS detection using machine learning
Detect DDoS attack traffic using a machine learning method.
Given network traffic over a period of time, it tells whether the remote host is carrying out a DDoS attack.
Machine-Learning-DDoS
├── data            # Dataset
│   ├── processed   # Processed data for the score
│   └── raw         # Raw unprocessed data
├── docs            # Documentation
├── models          # Trained classifiers
├── references      # Reference papers
└── src             # Source files
    ├── process     # Preprocess classes
    └── score       # Class to generate accuracy of 5 selected classifiers
CICDDoS2019 from UNB
This dataset provides a large set of attack traffic of different types; the type of attack is labeled in the CSV file.
On GitHub, only the first 200k records of each type of attack were uploaded. The rest of the data can be downloaded from the dataset's link.
The dataset provides the following types of DDoS attack:
DNS, LDAP, MSSQL, NetBIOS, NTP, PortMap, SNMP, SSDP, SYN, TFTP, UDP, UDP-Lag
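A sketch of the preprocessing step that turns labeled flow records into a benign/attack training set, added here as an example and not taken from this project's src/process code. The column names, the BENIGN label, the "Infinity"/"NaN" values and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
import math
from collections import Counter

# Constructed sample in a flow-CSV style (not real dataset rows).
# Assumed quirks: header names carry leading spaces, rate columns can hold
# "Infinity"/"NaN", and benign flows are labelled BENIGN.
SAMPLE_CSV = """Flow ID, Source IP, Flow Duration, Total Fwd Packets,Flow Bytes/s, Label
f1,192.0.2.10,1200,4,3500.5,BENIGN
f2,198.51.100.7,3,2,Infinity,DNS
f3,198.51.100.7,15,200,920000.0,DNS
f4,198.51.100.7,11,180,880000.0,DNS
f5,203.0.113.5,9,150,NaN,SYN
f6,203.0.113.5,8,160,700000.0,SYN
"""

# Identifier columns are dropped so a model cannot simply memorise hosts.
ID_COLUMNS = {"Flow ID", "Source IP"}


def load_flows(text, per_label_cap=200_000):
    """Return (feature_names, X, y, kept) with y = 1 for any attack label."""
    reader = csv.DictReader(io.StringIO(text))
    names = [n.strip() for n in reader.fieldnames]
    features = [n for n in names if n not in ID_COLUMNS and n != "Label"]
    X, y, kept = [], [], Counter()
    for raw in reader:
        if None in raw or None in raw.values():
            continue  # wrong number of fields in this row
        row = {k.strip(): v.strip() for k, v in raw.items()}
        label = row["Label"]
        if kept[label] >= per_label_cap:
            continue  # keep only the first N records of each type
        try:
            values = [float(row[f]) for f in features]
        except ValueError:
            continue  # malformed numeric field
        if not all(math.isfinite(v) for v in values):
            continue  # Infinity / NaN would break most classifiers
        X.append(values)
        y.append(0 if label.upper() == "BENIGN" else 1)
        kept[label] += 1
    return features, X, y, kept
```

The returned kept counter shows the class balance after cleaning, which is worth checking before reading any accuracy figure.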
Multilayer Perceptron, Random Forest, Naive Bayes, K-Nearest Neighbors