Enhanced Ensemble-Based Distributed Denial-of-Service (DDoS) Attack Detection with Novel Feature Selection: A Robust Cybersecurity Approach

Abstract

One of the major threats to computer networks and systems is distributed denial-of-service (DDoS) attacks. These attacks include saturating the targeted system with a large volume of traffic coming from several sources, which causes a service interruption. Detecting these attacks in real-time has become a critical task in cybersecurity. The existing method of DDoS attack detection suffers from the problem of high false positive rates. Additionally, the classifiers used in the existing methods may not be able to capture the complex patterns of the DDoS attack traffic, leading to low accuracy. In this research, I propose an enhanced approach for detecting DDoS attacks using an ensemble-based random forest classifier with a novel feature selection technique. The ability of the ensemble-based Random Forest Classifier to aggregate many decision trees to increase classification accuracy makes it a better option for DDoS attack detection than a single machine learning-based classifier. By lowering the variance and bias of the classifier, ensemble-based approaches are known to reduce overfitting and increase the robustness of the model. To choose the most useful characteristics for DDoS attack detection, the feature selection strategy uses a novel combination of correlation analysis, mutual information, and principal component analysis techniques. A part of the CIC-DDoS2019 dataset is used for the evaluation of the proposed method and to compare it to other modern approaches. The experimental results reveal that when integrated with additional evaluation metrics, the proposed approach outperforms existing techniques in various aspects, including accuracy, recall, precision, F1-score, false positive rate, and more. The proposed approach obtained almost 100% accuracy, 0% false positive rate, and 100% true positive rate.