Enhancing Cybersecurity: Machine Learning Approaches for Predicting DDoS Attack

Abstract

Dealing with network security has always been challenging, particularly with regard to the detection and prevention of Distributed Denial of Service (DDoS) attacks. Attacks like DDoS bring threats to the network by violating its availability to the probable people who are in need of using that particular server. It is a type of cyber-attack where a network is flooded with a huge amount of traffic, overwhelming the system, and making it unavailable. This type of attack focuses on making the service unavailable to rightful users, without breaching the security perimeter. In a DDoS attack, a master computer hacks a network of vulnerable computers to send a huge quantity of packets to a server from already captured zombie computers. Researchers have suggested various Machine learning (ML) algorithms to detect such attacks. To study and analyse DDoS attacks, researchers have used the CIC-DDoS2019 dataset. To find out how often a DDoS attack happens to a server along with the possible pattern of the attack and type of the attack. This dataset is utilized to train and evaluate ML models for detecting DDoS attacks. In this paper, the primary objective is to propose a decent version of DDoS dataset for investigation and evaluate the performance of various state-of-the-art classifiers, such as Gaussian Naïve Byes (GNB), Bernoulli Naïve Byes (BNB), Random Forest (RF), ID3 Decision Tree (ID3 DT), Logistic Regression (LR), K-Nearest Neighbors (KNN), AdaBoost, CART, and Bagging Classifier ML algorithms to detect DDoS attacks accurately. Along with that, the experimenter showed that DDoS attacks can be identified even more accurately if the attacks are stored in a binary way rather than categorized into 13 different types of attacks in the dataset.