Detecting Different Types of Distributed Denial of Service Attacks


Creative Commons License

Söğüt E., Oyucu S., Erdem O. A.

Gazi Üniversitesi Fen Bilimleri Dergisi Part C: Tasarım ve Teknoloji, vol. 9, no. 1, pp. 12-25, 2021 (Peer-Reviewed Journal)

Abstract

Distributed Denial of Service (DDoS) attacks threaten every device connected to the Internet. Their rapid progression and wide spread are among their best-known features. Many studies have been conducted to reduce the impact of these fast-progressing and widespread attacks. However, because attack types develop continuously and different techniques are employed, prevention of these attacks has not been fully achieved. Therefore, within the scope of this study, DDoS attacks were examined first and applications for detecting them were investigated. A system is proposed to detect DDoS attacks using data mining methods. For the proposed system, experimental setups were established for Transmission Control Protocol (TCP) Flooding, Internet Protocol (IP) Spoofing, SYN Flood with Spoofed IP, and User Datagram Protocol (UDP) Flooding, which are among the DDoS attack types, and the attacks were performed to obtain network flow data. Classification was performed with appropriate data mining methods according to the specified features, using the ZeroR, OneR, Naive Bayes, Bayes Net, Decision Stump, and J48 algorithms. Among these algorithms, the best classification rate was achieved with the J48 algorithm. The results show that the proposed system plays an important role in determining the DDoS attack type. The proposed system will ensure that appropriate detection mechanisms are applied more quickly, effectively, and efficiently in real attacks.