DDoS Attack Detection and Mitigation using Anomaly Detection and Machine Learning Models

With the increase in cyber-crimes each day, it is important to build a layer of security to defend against attacks which can compromise the Confidentiality, Integrity and Availability (CIA). One of the most dangerous attacks in the domain of cyber-attack is the Distributed Denial of Service (DDoS) attack. A DDoS attack can cause a huge disruption of services, leading to monetary loss as well as loss of reputation in case of data theft, if an immediate action is not taken. There is a need for an efficient detection and response for such attacks, with a high accuracy, low false-positives in a less latency. This paper puts forth a methodology which could detect attacks and efficiently mitigate them, all in a seamless fashion. The proposed methodology relies on machine learning ensemble learning algorithms and anomaly detection using fast entropy and attribute thresholding algorithms. The combined results of these algorithms are used to give a final verdict.