Machine Learning Models for Detection of DDoS Attack in a Network Environment

ABSTRACT

Internet usage spans across various aspects of human activity, ranging from work to e-commerce, communication, and bill payments. Its integration into information systems like service portals, office automation, educational management, and financial services has significantly enhanced productivity and service quality. However, as technology evolves, the demand for security in these systems increases. Web applications and interconnected networks face a plethora of cyber threats, with distributed denial-of-service (DDoS) attacks being particularly pervasive and detrimental. These attacks disrupt server functions, slowing down or even halting legitimate user’s access. This study develops a framework for detection of DDoS attack in a network environment using machine learning (ML) models. The models' performance was assessed through metrics including accuracy, precision, recall, F-measure, and Mathew Correlation Coefficient. Utilizing one of the latest collections linked to intrusion attacks - the CICDDoS2019 dataset and WEKA software, the study employs various ML algorithms after rigorous data pre-processing. Results demonstrate exceptional accuracy, with K-Nearest Neighbour leading at 99.86%, followed closely by Random Forest (99.77%), J48 (99.58%), and Naïve Bayes (98.49%). Insights from this analysis offer valuable guidance for developing robust intrusion detection systems capable of adapting to evolving cyber threats in smart economy.

Keywords: DDoS attack, cyber security, machine learning, network traffic, intrusion detection system