Feature Selection via GANs (GANFS): Enhancing Machine Learning Models for DDoS Mitigation
Harsh Patel
TL;DR
The paper tackles the challenge of high-dimensional, redundant features in DDoS detection by proposing GANFS, a GAN-based, unsupervised feature ranking method that uses a perturbation-based sensitivity analysis of the Discriminator after training on attack data. By discarding the Generator and ranking features via Discriminator sensitivity, GANFS yields compact feature subsets that retain or improve downstream classifier performance while reducing computational overhead. Evaluations on the CIC-DDoS2019 dataset show GANFS delivering high accuracy, precision, recall, and AUC-ROC with significantly fewer features compared to traditional FS methods, illustrating its practical potential for scalable IDS pipelines. The work highlights the value of integrating generative modelling with discriminative sensitivity analysis to enable adaptive, model-agnostic, and efficient feature selection in cybersecurity contexts.
Abstract
Distributed Denial of Service (DDoS) attacks represent a persistent and evolving threat to modern networked systems, capable of causing large-scale service disruptions. The complexity of such attacks, often hidden within high-dimensional and redundant network traffic data, necessitates robust and intelligent feature selection techniques for effective detection. Traditional methods such as filter-based, wrapper-based, and embedded approaches, each offer strengths but struggle with scalability or adaptability in complex attack environments. In this study, we explore these existing techniques through a detailed comparative analysis and highlight their limitations when applied to large-scale DDoS detection tasks. Building upon these insights, we introduce a novel Generative Adversarial Network-based Feature Selection (GANFS) method that leverages adversarial learning dynamics to identify the most informative features. By training a GAN exclusively on attack traffic and employing a perturbation-based sensitivity analysis on the Discriminator, GANFS effectively ranks feature importance without relying on full supervision. Experimental evaluations using the CIC-DDoS2019 dataset demonstrate that GANFS not only improves the accuracy of downstream classifiers but also enhances computational efficiency by significantly reducing feature dimensionality. These results point to the potential of integrating generative learning models into cybersecurity pipelines to build more adaptive and scalable detection systems.