DDOS is an important and constantly evolving kind of threat to networking security. An overflowing of services of targeted systems causes severe disruptions in services, making massive losses to companies. Since such attacks become more insidious, traditional methods are unable to detect them, making the identification and mitigation process difficult in real time. Hence, machine learning has emerged as a key solution to DDoS detection capabilities. The following work is done to find the performance of AdaBoost, Decision Tree, Logistic Regression, and Random Forest, taking CICDDoS2019 as input. The dataset contains a large number of DDoS attack types such as, but not limited to,DrDoS_MSSQL,DrDoS_LDAP,DrDoS_NETBIOS, DrDoS_SYN, and DrDoS_UDP attacks, ensuring the models get a fairly strong base for analysis. After these steps, the models will be evaluated in terms of accuracy, precision, recall, and F1-score to see which one will best suit the purpose of identifying the different patterns of DDoS attacks. The results reflect that, out of all algorithms, Random Forest is the best for both attacks, thus guaranteeing high accuracy in whatever kind of attack, whereas Decision Tree performed only well for SYN and LDAP attacks. The results, therefore, underscore the power of ensemble methods like Random Forest for effective real-time DDoS detection. This study postulates that the marriage of machine learning techniques with the existing network security frameworks would result in a significantly enriched detection and mitigation capability against DDoS attacks, thereby opening future avenues for researchers on consideration of advanced methods and applications in this area.

Author: E.A. Idowu, O.A. Odeniyi

Published in: International Conference for Internet Technology and Secured Transactions (ICITST-2024)

• Date of Conference: 4-6 November 2024
• DOI: 10.20533/ICITST.2024.0022
• ISBN: 978-1-913572-76-1
• Conference Location: St Anne’s College, Oxford University, UK