Bipartite machine learning approach for detecting denial of service

Abstract

The security risk associated with the computer networks increases with the tremendous intensification and dynamism of computer networks Intrusion and its associated attacks both internal and external is an alarming threat in recent days A neural network based intrusion detection system is designed whose primary objective is to detect various types of denial of service attacks with low false positive rate and increased detection rate Initially the system is designed with the support vector classifier and a multi instance neural network classifier The support vector classifier itself includes a clustering process and classification process K Means algorithm is used for clustering and Support vector machine is used for classification The outcome of the support vector classifier is the classification of incoming traffic in to either anomalous or non anomalous Support vector classifier is followed by a multi instance neural network classifier which detects the denial of service attack Denial of service attack is a major concern to any form of network either it be a simple intranet or evolving software defined network. Irrespective of the application that is being accessed Denial of Service DoS attack can be enforced from any level of the network, for instance it could be generated due to the vulnerabilities that exists in Transmission Control Protocol TCP or may be due to vulnerability in Address Resolution Protocol ARP or in Hypertext Transfer Protocol HTTP Any type of communication in networks such as a HTTP request or a request to access a file using File Transfer Protocol FTP is basically built on top of a transport layer protocol it could be either TCP or User Datagram Protocol UDP A catalyst of an attack for instance an IP address might be blocked but it would be an IP of a legitimate user whose IP address is spoofed the future requests from the same IP should not be denied as once it was spoofed newline