AAU Institutional Repository

Performance Evaluation of Machine Learning Algorithms for Detection of SYN Flood Attack: The case of ethio telecom

dc.contributor.advisor Yalemzewd, Negash (PhD)
dc.contributor.author Wassihun, Beyene
dc.date.accessioned 2020-03-11T10:14:04Z
dc.date.available 2020-03-11T10:14:04Z
dc.date.issued 2020-02-28
dc.identifier.uri http://etd.aau.edu.et/handle/123456789/21113
dc.description.abstract Telecom service providers operate and control complex network infrastructure used for data transmission. However, security issues have been among the most serious problems for service providers in general and ethio telecom in particular. One of the hardest and most serious security threats is the Distributed Denial of Service (DDoS) attack, specifically the Synchronize (SYN) flood attack. Researchers have recommended several statistical detection methods to detect and prevent SYN flood attacks. However, due to the dynamic behavior of the attack, it has been challenging to detect using existing detection approaches. This research focused on the performance evaluation of classification machine learning (ML) algorithms for detection of SYN flood attacks. The classification models were trained and tested with a packet capture (PCAP) dataset gathered from the ethio telecom network, with traffic generated and captured using the Hping3 and Wireshark tools respectively. This dataset was further preprocessed and evaluated using four classification ML algorithms and three training approaches. The implementation was performed using the WEKA (Waikato Environment for Knowledge Analysis) data mining tool. The experimental results show that the J48 algorithm performs with 98.57% accuracy, and the AdaBoost, Naïve Bayes and ANN algorithms with 98.52%, 95.31% and 94.85% accuracy respectively. The first reason was that the J48 algorithm is more efficient than the other algorithms; it uses a pruning technique in order to reduce the complexity of the final classifier and to prevent overfitting the data. The second reason was the ability to learn mechanisms. Therefore, based on the performance evaluation result, the model with the J48 algorithm has been recommended for SYN attack detection. en_US
dc.language.iso en_US en_US
dc.publisher Addis Ababa University en_US
dc.subject Adaptive Booster en_US
dc.subject ANN en_US
dc.subject Distributed denial of service attack en_US
dc.subject Denial of service attack en_US
dc.subject Hping3 en_US
dc.subject J48 en_US
dc.subject Naive Bayes en_US
dc.subject SYN flood attack en_US
dc.subject WEKA en_US
dc.subject Wireshark en_US
dc.title Performance Evaluation of Machine Learning Algorithms for Detection of SYN Flood Attack: The case of ethio telecom en_US
dc.type Thesis en_US
