Honors Program

Honors in Technology

Date of Award


Thesis Professor(s)

Ghaith Husari

Thesis Professor Department


Thesis Reader(s)

Matthew Harrison


Denial-of-Service (DoS) attacks are aimed at shutting a machine or network down to block users from accessing it. These attacks can be difficult to detect and can cost millions in damages or lost earnings. Since the first DoS attack occurred in 1999, the way DoS attacks have been launched has become more complicated, making them more elusive and harder to detect. The first step to detect and mitigate a DoS attack is for a system to identify the malicious traffic.

In this experiment, we aim to identify the malicious traffic within ten seconds. To do this the project was divided into 3 phases: data collection, feature extraction and construction of classification. The first phase was to collect malicious and legitimate data using Wireshark. The second phase of the project was to convert the PCAP files into features that are meaningful and easy to read. The third phase of the project is the construction of classification models. We used the NaΓ―ve Bayes and decision tree classification models to identify malicious traffic data and differentiate it from legitimate traffic data. This approach yielded an 𝐹1 score average of 92% in detecting DoS attacks and an 𝐹1 π‘ π‘π‘œπ‘Ÿπ‘’ accuracy range of 37% to 71% to accurately determine the intensity of the DoS attack, a reasonable accuracy for this problem. These results show that it is possible to not only detect DoS attacks, but also, to determine the intensity of such attacks with a reasonable accuracy.


East Tennessee State University

Document Type

Honors Thesis - Withheld

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License.


Copyright by the authors.