ASSIGNMENT
The goal of this thesis is improving upon previous work on DDoS detection systems by developing a machine learning detector for volumetric DDoS attacks that operates on short time scales without the buildup of traffic context. To be able to process high volumes of network traffic efficiently, the traffic needs to be aggregated before being classified. This will be done by using a fixed size sliding window calculating aggregated values of a predefined traffic feature set. Different window sizes, strides and traffic features are evaluated, as well as the quality of this approach compared to previous work.