Preventing DDoS attack using Data mining Algorithms
A federated network mainly operates within the same Internet Service Provider (ISP) and the virtual entities integrated with it. The foremost problem in such a unified network is attacks caused by intruder intervention. Although attacks are classified according to their attack rate dynamics, they also differ in many other aspects, such as implementation, intention, and countermeasures. Distributed Denial of Service (DDoS) and low-rate DDoS attacks are serious threats to almost every ISP. In a merged network environment, routers work closely together to raise early warning of DDoS attacks and avoid severe damage. The existing FireCol, a collaborative protection scheme, detects flooding attacks using metric computations. It delivers good detection for flooding, but with its minimal set of parameters it struggles to find low-rate attacks. To overcome that, we propose additional metrics, namely the Information distance metric, the Generalized entropy metric, the Probability metric, and the Hybrid metric (the Total variation metric and the Bhattacharyya metric), together with an SVM classifier, for better performance in detecting both high and low transmission rate attacks with a reduction in false alarms. Proportions of packets are transmitted in a distributed client-server topology. Both the similarity and the dissimilarity in the distributions of packets are used to outline deviations in the behaviour of the user profile. In addition, the SVM classifies attack and normal flows using train and test files, attaining an accuracy of 73.89%. Hence, low-rate attack detection with metric computations and a classifier achieves better results than FireCol with its decision table mechanism.

General Terms: Attack detection, Security in Distributed network, FireCol, Metric Computations.
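An added illustration, not code from the paper: the distribution metrics named in the abstract, computed between a baseline window and an observed window of per-subnet packet counts. The formulas are the standard textbook definitions (Rényi entropy and divergence of order alpha, total variation, Bhattacharyya distance), assumed here because the abstract does not give the paper's own; the counts are constructed sample data, and the Probability metric and the SVM stage are left out.

```python
import math

def normalize(counts, eps=1e-9):
    """Turn per-bin packet counts into a probability vector (eps avoids zero bins)."""
    total = sum(counts) + eps * len(counts)
    return [(c + eps) / total for c in counts]

def generalized_entropy(p, alpha=2.0):
    """Renyi entropy of order alpha in bits; alpha == 1 is the Shannon case."""
    if alpha == 1.0:
        return -sum(x * math.log2(x) for x in p)
    return math.log2(sum(x ** alpha for x in p)) / (1.0 - alpha)

def renyi_divergence(p, q, alpha=2.0):
    """D_alpha(p || q) in bits, for alpha != 1."""
    s = sum(x ** alpha * y ** (1.0 - alpha) for x, y in zip(p, q))
    return math.log2(s) / (alpha - 1.0)

def information_distance(p, q, alpha=2.0):
    """Symmetrised Renyi divergence: D(p||q) + D(q||p)."""
    return renyi_divergence(p, q, alpha) + renyi_divergence(q, p, alpha)

def total_variation(p, q):
    return 0.5 * sum(abs(x - y) for x, y in zip(p, q))

def bhattacharyya(p, q):
    return -math.log(sum(math.sqrt(x * y) for x, y in zip(p, q)))

def score(baseline_counts, window_counts, alpha=2.0):
    """Compare one observation window against the learned baseline profile."""
    p, q = normalize(baseline_counts), normalize(window_counts)
    return {
        "entropy": generalized_entropy(q, alpha),
        "information_distance": information_distance(p, q, alpha),
        "total_variation": total_variation(p, q),
        "bhattacharyya": bhattacharyya(p, q),
    }

# Constructed sample data: packets per source subnet in one observation window.
BASELINE = [30, 25, 20, 15, 10]   # normal profile
LOW_RATE = [30, 25, 20, 15, 18]   # 8 extra packets from the last subnet
FLOOD = [30, 25, 20, 15, 410]     # high-rate flood from the last subnet

if __name__ == "__main__":
    for name, window in (("low-rate", LOW_RATE), ("flood", FLOOD)):
        print(name, {k: round(v, 4) for k, v in score(BASELINE, window).items()})
```

On this sample the low-rate window's entropy stays close to the baseline's (it is in fact slightly higher), while all three distance metrics move away from zero, which is why a distance against the baseline profile is more useful than entropy alone for low-rate traffic.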