Abstract:
Because it is simple to implement, takes many forms, is highly destructive, and is difficult to filter out, denial of service (DoS) has become one of the most serious security threats to the Internet. In this paper, we propose an improved transductive confidence machines for k-nearest neighbors (ITCM-KNN) algorithm and establish a framework for DoS detection. The algorithm is evaluated on the standard KDD Cup 1999 dataset using 5 features selected with the information gain algorithm, which preserves a high detection rate while reducing the feature dimension. The proposed algorithm does not need to learn or model attacks, and it requires only a small number of samples as a training data set. The comparison results show that the true positive rate (TP) of the improved TCM-KNN algorithm is about 99.99%, which is higher than that of other detection algorithms such as SVM.
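As an added illustration (not code from the paper), the sketch below implements the standard TCM-KNN anomaly test: it is calibrated on normal records only and flags a record whose p-value falls below a significance level. It does not reproduce the paper's improvements, which the abstract does not specify; the values of `K` and `TAU`, the class name, and the five-feature sample records are assumptions constructed for the example.

```python
import math
import random

K = 3        # neighbours per strangeness score (assumed value)
TAU = 0.05   # significance level, i.e. 95% confidence (assumed value)

def strangeness(point, pool, k=K):
    """Sum of distances from `point` to its k nearest neighbours in `pool`."""
    return sum(sorted(math.dist(point, q) for q in pool)[:k])

class TcmKnnDetector:
    """Anomaly detector calibrated on normal traffic only (no attack model)."""

    def __init__(self, normal, k=K):
        self.normal, self.k = list(normal), k
        # Leave-one-out strangeness of every training record.
        self.alphas = [
            strangeness(p, self.normal[:i] + self.normal[i + 1:], k)
            for i, p in enumerate(self.normal)
        ]

    def p_value(self, x):
        """Fraction of records (training plus x) at least as strange as x."""
        a = strangeness(x, self.normal, self.k)
        at_least = sum(1 for t in self.alphas if t >= a)
        return (at_least + 1) / (len(self.alphas) + 1)

    def is_anomaly(self, x, tau=TAU):
        # A small p-value means almost no normal record is as strange as x.
        return self.p_value(x) < tau

# Constructed sample data: 30 "normal" records, five features scaled to [0, 1].
_rng = random.Random(1999)
NORMAL = [tuple(_rng.uniform(0.15, 0.25) for _ in range(5)) for _ in range(30)]
# Constructed flood-like record: most features far outside the normal range.
FLOOD = (0.95, 0.90, 0.98, 0.05, 0.90)

if __name__ == "__main__":
    det = TcmKnnDetector(NORMAL)
    for name, rec in (("normal", NORMAL[0]), ("flood", FLOOD)):
        print(f"{name}: p={det.p_value(rec):.4f} anomaly={det.is_anomaly(rec)}")
```

With n training records the smallest attainable p-value is 1/(n+1), so the training set must hold more than 1/τ − 1 records for any record to be flagged at significance level τ.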