Classification of Server Network Traffic for DDoS Attacks Using MapReduce


Diri S., Gültekin A., Şahin S. A., Kayapınar Ö. B.

7th International Scientific Conference “Telecommunications, Informatics, Energy and Management”, Sofia, Bulgaria, 2-3 December 2022

  • Publication Type: Conference Paper / Full-Text Paper
  • City of Publication: Sofia
  • Country of Publication: Bulgaria
  • Kocaeli University Affiliated: Yes

Abstract

As Internet use has become widespread and web usage more intensive, demand for servers has grown continuously, making them valuable targets for attackers, who use various methods to attack them. One of the most common methods is Distributed Denial-of-Service (DDoS), which floods online services with fake traffic in an attempt to block the server from serving. Huge amounts of data need to be processed to determine whether incoming traffic consists of legitimate requests or an attack. One method that can be used for this purpose is MapReduce, which is useful for the computation of distributed batch jobs. In this study, traffic coming to FTP, SFTP, HTTP, HTTPS, and SQL ports was collected and classified using MapReduce to determine whether a DDoS attack is taking place. Data on incoming packet traffic to the server from specific IPs were obtained and then classified using the MapReduce method. Incoming traffic on the ports mentioned above was collected over periods of 30 seconds. According to the results, the average packet count was 155.975 and the average packet size was 47500.65 bytes, while the average Mapping time was 1.17665 milliseconds and the average Reduce time was 0.01055 milliseconds. Future studies will feed the results of this study to artificial intelligence algorithms in order to determine whether the traffic to the server is a DDoS attack or legitimate traffic.