SIDS-DDoS, a Smart Intrusion Detection System for Distributed Denial of Service Attacks

Abstract

In the last few years, the Digital Services industry has grown tremendously, offering numerous services through the Internet and using a recent concept or business model called cloud computing. For this reason, new threats and cyber-attacks have appeared, such as Denial of Service attacks. Their main objective is to prevent legitimate users from accessing services (websites, online stores, blogs, social media, banking services, etc.) offered by different companies on the Internet. In addition, it produces collateral damage in host and web servers, for example, exhaustion of network bandwidth and computer resources of the victim. In this article, we will analyze the information contained in NSL-KDD data-set, which possesses important records about the several behaviors of network traffic. These will be selected to present two methods of selection of features that allow the selection of the most relevant attributes within the data set, to build an Intrusion Detection System. The attributes selected for this experiment will be of great help to train and test various kernels of the Support Vector Machine. Once the model has been tested, an evaluation of the classification model will be performed using the cross-validation technique and we finally can choose the best classifier. © 2020, Springer Nature Switzerland AG.