Published: 12-01-2021 | Version 2 | DOI: 10.17632/bzgf9r36kp.2
Md. Mehedi Hasan,
Md. Saiful Islam


Distributed Denial of Service (DDoS) is one of the most frequent attacks in the cloud; it causes significant damage, affects performance and continues to be the predominant security challenge. Over the past decade, research on DDoS attack detection has focused on a few classes of these attacks.

To generate DDoS flooding attacks, we used three tools: hping3, mausezahn and wreckuests. The UDP flood, TCP SYN flood and ICMP flood attacks were performed using hping3. For the DNS flood attack mausezahn was used, and for the HTTP flood attack wreckuests was used. Tcpdump, a traffic protocol analyzer, was used to capture the attack traffic. Legitimate traffic was also collected using tcpdump from the lab environment network.

The captured attack traffic and normal traffic were used to create a new dataset. The dataset has six classes and 1081633 records, of which 1001984 are DDoS attacks.

Distribution of Different Classes

| Types | No. of Records |
|---|---|
| TCP SYN flood attack | 551179 |
| ICMP flood attack | 136496 |
| UDP flood attack | 125774 |
| DNS flood attack | 114160 |
| HTTP flood attack | 74375 |
| Legitimate traffic | 79649 |