Performance Evaluation of Machine Learning Algorithms for Detection of SYN Flood Attack: The case of ethio telecom

dc.contributor.advisor: Yalemzewd, Negash (PhD)
dc.contributor.author: Wassihun, Beyene
dc.date.accessioned: 2020-03-11T10:14:04Z
dc.date.accessioned: 2023-11-04T15:13:16Z
dc.date.available: 2020-03-11T10:14:04Z
dc.date.available: 2023-11-04T15:13:16Z
dc.date.issued: 2020-02-28
dc.description.abstract: Telecom service providers operate and control complex network infrastructure used for data transmission. However, security issues have been among the most serious problems for service providers in general and ethio telecom in particular. One of the hardest and most serious security threats is the Distributed Denial of Service (DDoS) attack, specifically the Synchronize (SYN) flood attack. Nowadays, researchers have recommended several statistical methods to detect and prevent SYN flood attacks. However, due to the dynamic behavior of the attack, it has been challenging to detect using existing detection approaches. This research focused on the performance evaluation of classification machine learning (ML) algorithms for detection of SYN flood attacks. The classification models were trained and tested with a packet capture (PCAP) dataset gathered from the ethio telecom network, with traffic generated using Hping3 and captured using Wireshark. This dataset was further preprocessed and evaluated using four classification ML algorithms and three training approaches. The implementation was performed using the WEKA (Waikato Environment for Knowledge Analysis) data mining tool. The experimental results show that the J48 algorithm performs with 98.57% accuracy, and the AdaBoost, Naïve Bayes and ANN algorithms with 98.52%, 95.31% and 94.85% accuracy respectively. The first reason was that the J48 algorithm is more efficient than the other algorithms; it uses a pruning technique in order to reduce the complexity of the final classifier and to prevent overfitting the data. The second reason was the ability to learn mechanisms. Therefore, based on the performance evaluation result, the model with the J48 algorithm has been recommended for SYN attack detection. (en_US)
dc.identifier.uri: http://etd.aau.edu.et/handle/123456789/21113
dc.language.iso: en_US (en_US)
dc.publisher: Addis Ababa University (en_US)
dc.subject: Adaptive Booster (en_US)
dc.subject: ANN (en_US)
dc.subject: Distributed denial of service attack (en_US)
dc.subject: Denial of service attack (en_US)
dc.subject: Hping3 (en_US)
dc.subject: J48 (en_US)
dc.subject: Naive Bayes (en_US)
dc.subject: SYN flood attack (en_US)
dc.subject: WEKA (en_US)
dc.subject: Wireshark (en_US)
dc.title: Performance Evaluation of Machine Learning Algorithms for Detection of SYN Flood Attack: The case of ethio telecom (en_US)
dc.type: Thesis (en_US)

Files

Original bundle
Name: Wassihun Beyene.pdf
Size: 1.79 MB
Format: Adobe Portable Document Format