A Step Towards Generation of DoS/DDoS Attacks Dataset for Docker-Centric Computing

Docker provides an effective containerized environment for modern computing. However, the security issues present in Docker provide an edge to the attackers thus resulting in various attacks. Denial of Service (DoS) and Distributed Denial of Service (DDoS) are the common ones. In this paper, DoS and DDoS attack datasets have been generated using realistic testbed environments as older datasets have their own set of limitations, making them insufficient for today’s computing. An architectural framework is provided to depict the process of packet capturing and feature extraction. A total of 45 features are extracted using Flowtbag among which 17 best features are selected using the average correlation coefficient. Six machine learning algorithms namely Logistic Regression (LR), Naïve Bayes (NB), K-Nearest Neighbors (KNN), Decision Tree (DT), Random Forest (RF), and Support Vector Machine (SVM) are applied on datasets with full features and selected features to obtain accuracy, precision, recall, and F1 score. NB gave the lowest accuracy of 0.94917 on full features and DT provided the most accurate results with a performance matrix of 0.99254 accuracy, 0.997 precision, 0.998 recall, and 0.997 F1 Score. Whereas on selected features, accuracies of both the algorithms increased to 0.962434 and 0.992703 respectively.