Analysis and Comparison of Machine Learning Techniques for DDoS Attack Classification in Network Environments
Keywords:
DDoS Attack, Machine Learning, Logistic Regression, Decision Trees, Random Forest
Abstract
This research presents a comparative analysis of machine learning techniques for classifying Distributed Denial of Service (DDoS) attacks within network traffic. We evaluated the performance of three algorithms: Logistic Regression, Decision Tree, and Random Forest, including their scaled-feature counterparts. The study utilized a robust methodology incorporating advanced data preprocessing, feature engineering, and Synthetic Minority Over-sampling Technique (SMOTE) to address class imbalance. The models were rigorously tested using a cross-validation framework, assessing their accuracy, precision, recall, and F1 score. Results indicated that the Random Forest algorithm outperformed the others, demonstrating superior predictive accuracy and consistency, albeit with higher computational costs. Logistic Regression, when feature-scaled, showed significant improvement in performance, highlighting the importance of data normalization in models sensitive to feature scaling. Decision Trees provided a quick and interpretable model, though slightly less accurate than the Random Forest. The research findings highlight the trade-offs between predictive performance and computational efficiency in selecting machine learning models for cybersecurity applications. The study contributes to the cybersecurity domain by elucidating the efficacy of ensemble techniques in DDoS attack classification and underscores the potential for model improvement through scaling and data balancing.
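The two preprocessing steps the abstract names, feature scaling and SMOTE, sketched as an added example that is not the paper's code. The flow records, the two features and all function names are constructed for illustration, and fitting the scaler and oversampling on the training fold only is an assumption made here so that validation folds stay untouched.

```python
import math
import random

def fit_scaler(rows):
    """Column means and standard deviations, computed on training rows only."""
    cols = list(zip(*rows))
    means = [sum(c) / len(c) for c in cols]
    stds = [math.sqrt(sum((v - m) ** 2 for v in c) / len(c)) or 1.0
            for c, m in zip(cols, means)]
    return means, stds

def scale(rows, scaler):
    """Standardize rows with previously fitted statistics (reuse on validation folds)."""
    means, stds = scaler
    return [[(v - m) / s for v, m, s in zip(r, means, stds)] for r in rows]

def smote(minority, n_new, k=3, seed=0):
    """Create n_new synthetic rows by interpolating between a minority row
    and one of its k nearest minority neighbours (the core SMOTE idea)."""
    rng = random.Random(seed)
    synthetic = []
    for _ in range(n_new):
        base = rng.choice(minority)
        neighbours = sorted((r for r in minority if r is not base),
                            key=lambda r: math.dist(base, r))[:k]
        other = rng.choice(neighbours)
        gap = rng.random()
        synthetic.append([b + gap * (o - b) for b, o in zip(base, other)])
    return synthetic

def balance_training_fold(X, y, minority_label=1, seed=0):
    """Scale with training statistics, then oversample the minority class
    until both classes have the same number of rows."""
    scaler = fit_scaler(X)
    Xs = scale(X, scaler)
    minority = [r for r, lab in zip(Xs, y) if lab == minority_label]
    n_new = (len(y) - len(minority)) - len(minority)
    new_rows = smote(minority, max(n_new, 0), seed=seed)
    return Xs + new_rows, y + [minority_label] * len(new_rows), scaler

# Constructed flow records: [packets per second, mean packet size in bytes]
X_TRAIN = [[120, 540], [95, 610], [130, 580], [110, 500], [105, 620],
           [125, 560], [9000, 64], [12000, 60], [10500, 70], [11000, 66]]
Y_TRAIN = [0, 0, 0, 0, 0, 0, 1, 1, 1, 1]  # 1 = attack, the minority class in this sample
```

The returned scaler is the one to apply to each validation fold with `scale`, so that no validation statistics or synthetic rows influence the reported metrics.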
Published
2024-03-31
Issue
Section
Articles
How to Cite
Airlangga, G. (2024). Analysis and Comparison of Machine Learning Techniques for DDoS Attack Classification in Network Environments. Jurnal Informatika Ekonomi Bisnis, 6(1), 38-46. https://doi.org/10.37034/infeb.v6i1.795
This work is licensed under a Creative Commons Attribution 4.0 International License.