An Effective Mechanism to Mitigate Real-Time DDoS Attack

Computer networks are subject to an unprecedented number and variety of attack, the majority of which are distributed denial of service (DDoS). The nature and mechanisms employed in these DDoS attacks continually change, creating a significant challenge for detection and management. To address this evolving nature of attacks, approaches are required that can effectively detect and mitigate emerging attacks. In this paper, we provide a mechanism that not only detects the presence of a DDoS attacks but also identifies the route of attack and commences a process of mitigation at the initial stage of identification. The proposed research involves an optimized SVM classification algorithm integrated with SNORT IPS to provide prevention mechanisms for the entire network when subject to DDoS attack. The proposed IPS method allows traffic identified as legitimate to pass through the network, whereas suspect traffic is flagged and has to go through an identification system. We present the algorithm with experimental results that show better performance than simple Snort IPS, Probabilistic Neural Network (PNN), Back Propagation (BP), Chi-square, and PSO-SVM in terms of accuracy, exposure and specificity. These results show that the average accuracy rate of our method is 97 percent.