DDosTection | Devpost

DDosTection

Inspiration

Our project integrates machine learning techniques with real-time network defense to detect and prevent DDoS attacks. In doing so, it highlights the urgent need for robust cybersecurity solutions that address both technical and real-world challenges. Hundreds of thousands of cyberattacks happen each year, resulting in hundreds of millions of victims.

What it does

DDoSTection is trained on the UNSW_NB15 Dataset consisting of over 170k datapoints. It detects and prevents DoS attacks on almost any network configuration.

How we built it

After doing much data preprocessing, we trained multiple models and fed them through a stacking classifier in order to pick the best model. We test this by running a DoS Script on my local network to attack it, then preventing it using our utility.

Challenges we ran into

The performance of the training is lacking due to the 7GB Model Size, however, we resulted in saving it to a file which runs quite smoothly in prevention and detection mode.

Accomplishments that we're proud of

It works! Also, it works on both Windows and Linux.

What we learned

We learned how to create an industry-ready product from start to finish.

What's next for DDoSTection

There are future plans to deploy this on a computing cluster at my school in order to protect a system used for research.

Built With

imbalanced-learn
joblib
keras-metrics
matplotlib
numpy
pandas
pyshark
scikit-learn
scipy
seaborn
tensorflow
xgboost

Submitted to

Created by

note: in my demo, you may notice it says "failed to block" however, the rule is added, I just didn't want to ban an IP from my network so I didn't run it in administrator mode.

you can see it generates the log along with the exact rule needed to block the ip :)

Jeremiah Pitts
Betim H
Ilhan Gelle
Abinash Bastola