Detection of Distributed Denial of Service Attacks based on Machine Learning Algorithms
Md. Abdur Rahman
TL;DR
This work tackles DDoS attack detection by applying supervised machine learning to network traffic data from the DestinationFlow dataset, focusing on two discriminative features: initial window forward bytes and backward bytes. It systematically compares three classifiers—Support Vector Machines, Decision Trees, and Logistic Regression—finding that SVM delivers the best performance with 97.1% test accuracy, substantially outperforming the others. A confusion-matrix analysis corroborates the superior detection capability of SVM, reporting a false-positive rate of 0.009 and a false-negative rate of 0.045. The study demonstrates the practical potential of ML-based DDoS defense for maintaining service availability and motivates further work on feature selection and scalability in real-world deployments.
Abstract
Distributed Denial of Service (DDoS) attacks make it challenging to provide data resource services to web clients. In this paper, we study and apply different Machine Learning (ML) techniques to separate DDoS attack instances from benign instances. Our experimental results show that the forward and backward data bytes in our dataset are more similar for DDoS attacks than for benign attempts. This paper uses different machine learning techniques to detect the attacks efficiently, in order to ensure that the services offered by web servers remain available. The results of the proposed approach suggest that 97.1% of DDoS attacks are successfully detected by the Support Vector Machine (SVM). These accuracies are better than those of several existing machine learning approaches.
