IP-protocol and transport layer protocols (TCP, UDP) have many different parameters and characteristics, which can be obtained both directly from packet headers and statistical observations of the flows. To solve the problem of classification of network traffc by methods of machine learning, it is necessary to determine a set of data (attributes), which it is reasonable to use for solving the classification problem.
1. Aamir, M., Zaidi, M.A., 2013. A survey on DDoS attack and defense strategies: from traditional schemes to current techniques. Interdisciplinary Inf. Sci. 19(2), 173-200.
2. Aamir, M., Zaidi, S.M.A., 2015. Denial-of-service in content centric (named data) networking: a tutorial and state-of-the-art survey. Security Commun. Networks 8 (11), 2037–2059.
3. Beitollahi, H., Deconinck, G., 2012. Analyzing well-known countermeasures against distributed denial of service attacks. Comput. Commun. 35 (11), 1312–1332.
4. Berkhin, P., 2006. ‘‘A survey of clustering data mining techniques”. In: Grouping Multidimensional Data. Springer, pp. 25–71.
5. Boroujerdi, A.S., Ayat, S., 2013. ‘‘A, robust ensemble of neuro-fuzzy classifiers for DDoS attack detection”, in. In: Computer Science and Network Technology (ICCSNT), 2013 3rd International Conference on, pp. 484–487.
Marakhimov, Avazjon and Ohundadaev, Ulugbek
"CHOICE OF FEATURE SPACE FOR CLASSIFICATION OF NETWORK IP-TRAFFIC BY MACHINE LEARNING METHODS,"
Bulletin of National University of Uzbekistan: Mathematics and Natural Sciences: Vol. 4:
2, Article 3.