International Society of Science and Applied Technologies |
|
Predicting Slow HTTP DoS Attacks with Severely Imbalanced Big Data | ||||
Author | Chad Calvert
|
|||
Co-Author(s) | Taghi M. Khoshgoftaar; Clifford Kemp
|
|||
Abstract | As attackers shift to stealthier and more complex methods of attack, the need for maintaining proper network security is more important than ever. To bypass common attack mitigation strategies, attackers are adapting their efforts to impact the application layer, allowing them to produce intrusions that can exploit known issues within specific application protocols. Slow HTTP Denial of Service attacks specifically target the HTTP protocol and can imitate legitimate user traffic in order to deny server resources. To effectively mitigate such an attack, network analysts must continuously collect and evaluate large quantities of network traffic. This is done in an effort to detect and defend against the intrusive traffic. However, as attack traffic only accounts for a small portion on network traffic, this can lead to a severe level of imbalance between normal and attack instances. This imbalance between normal (majority) and attack (minority) instances proves problematic, as machine learners may produce inaccurate detection results. In this work, we evaluate the use of data sampling to produce varying class distributions in an effort to address the effects of severe class imbalance pertaining to Slow HTTP DoS big datasets. We generate five class distributions and evaluate the performance of four machine learning techniques. Our results show that the optimal learner and class distribution combination is that of Random Forest with a 65:35 distribution ratio, obtaining an AUC value of 0.99904. Through the use of significance testing, we also determine that the use of sampling techniques can significantly increase learner performance when detecting Slow HTTP DoS attack traffic.
|
|||
Keywords | Class Distribution, Imbalanced Data, Big Data, Slow HTTP DoS | |||
Article #: DSIS19-22 |
August 1-3, 2019 - Las Vegas, NV, U.S.A. |