Detection of DDoS attacks using Enhanced Support Vector Machines with real time generated dataset

An approach for combating network intrusion detection is the development of systems applying machine learning and data mining techniques. Many Intrusion Detection Systems (IDS) suffer from a high rate of false alarms and missed intrusions. The detection rate has to be improved while maintaining low rate of misses. The focus of this paper is to generate the Distributed Denial of Service (DDoS) detection dataset and detect them using the Enhanced Support Vector Machines. The DDoS dataset with various direct and derived attributes is generated in an experimental testbed which has 14 attributes and 10 types of latest DDoS attack classes. Using the generated DDoS dataset the Enhanced Multi Class Support Vector Machines (EMCSVM) is used for detection of the attacks into various classes. The performance of the EMCSVM is evaluated over SVM with various parameter values and kernel functions. It is inferred that EMCSVM produces better classification rate for the DDoS dataset with ten types of latest DDoS attacks when compared with the kddcup 99 dataset which has six types of DoS attacks.