Denial of Service Attack Detection in Digital Information Exchange by Using ML Techniques

Abstract

Denial of Service attack detection plays a significant role in the field of digital information exchange security, and log messages recording detailed system runtime information has become an important data analysis object accordingly. To improve traditional detection technology, several anomaly detection mechanisms, particularly the machine learning method, have been presented in recent years. This research proposes a technique for detecting anomalies in web log files that uses two machine learning algorithms. Isolation Forest is used to generate a set of features targeting traditional, while XGBoost is a tree-based model used for classification. The experimental data comes from the real web server for digital information exchange environment where log files have been collected, which contain many true intrusion messages. After comparing with two types of machine learning algorithms used in anomaly detection, testing results for this data set indicate that this system has a greater detection accuracy and can detect unknown anomaly data.