IDEAS home Printed from https://ideas.repec.org/a/igg/jisp00/v15y2021i3p106-128.html
   My bibliography  Save this article

SCAFFY: A Slow Denial-of-Service Attack Classification Model Using Flow Data

Author

Listed:
  • Muraleedharan N.

    (Centre for Development of Advanced Computing, India)

  • Janet B.

    (National Institute of Technology (NIT), Tiruchirappalli, India)

Abstract

Denial of service (DoS) attack is one of the common threats to the availability of critical infrastructure and services. As more and more services are online enabled, the attack on the availability of these services may have a catastrophic impact on our day-to-day lives. Unlike the traditional volumetric DoS, the slow DoS attacks use legitimate connections with lesser bandwidth. Hence, it is difficult to detect slow DoS by monitoring bandwidth usage and traffic volume. In this paper, a novel machine learning model called ‘SCAFFY' to classify slow DoS on HTTP traffic using flow level parameters is explained. SCAFFY uses a multistage approach for the feature section and classification. Comparison of the classification performance of decision tree, random forest, XGBoost, and KNN algorithms are carried out using the flow parameters derived from the CICIDS2017 and SUEE datasets. A comparison of the result obtained from SCAFFY with two recent works available in the literature shows that the SCAFFY model outperforms the state-of-the-art approaches in classification accuracy.

Suggested Citation

  • Muraleedharan N. & Janet B., 2021. "SCAFFY: A Slow Denial-of-Service Attack Classification Model Using Flow Data," International Journal of Information Security and Privacy (IJISP), IGI Global, vol. 15(3), pages 106-128, July.
    • Handle: RePEc:igg:jisp00:v:15:y:2021:i:3:p:106-128
    as

    Download full text from publisher

    File URL: http://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/IJISP.2021070107
    Download Restriction: no
    ---><---

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:igg:jisp00:v:15:y:2021:i:3:p:106-128. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Journal Editor (email available below). General contact details of provider: https://www.igi-global.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.