Enhancing Multi-Class DDoS Attack Classification using Machine Learning Techniques

Authors

  • Mohammad Jawad Kadhim Abood Department of Information Networks, College of Information Technology, University of Babylon, Babylon, Iraq
  • Ghassan Hameed Abdul-Majeed Department of Computer Engineering, College of Engineering , University of Baghdad, Baghdad, Iraq

DOI:

https://doi.org/10.37934/araset.43.2.7592

Keywords:

DDoS detection, CICDDoS2019, J48, Machine learning, Classification

Abstract

Distributed Denial of Service (DDoS) attacks, which adversely impact network availability, confidentiality, and integrity, represent a persistent threat. These attacks involve affected systems consuming resources through spurious requests instead of serving legitimate clients. Various methodologies exist for detecting and mitigating DDoS attacks, with Machine Learning (ML) emerging as a particularly effective approach due to its predictive capabilities after training on pertinent data. The primary objective of this study is to identify an improved ML algorithm for the detection of multiple DDoS types, considering metrics such as accuracy, precision, recall, and training time. Leveraging WEKA tools and the CICDDoS2019 dataset, several machine-learning algorithms, including Multilayer Perceptron, Reduced Error Pruning (REP) Tree, Partial Decision Tree (PART), RandomForest, and J48, were trained and evaluated. Among these, J48 was determined to be the superior algorithm for classifying four DDoS types (UDP, SYN, Portmap, MSSQL), based on the aforementioned criteria. The algorithms were experimented with using diverse sets of features, and optimal results were obtained using six features, resulting in an overall accuracy of 99.97%. Subsequently, the selected algorithm was integrated into a real-time model, exhibiting exceptional performance, which will be thoroughly elucidated and discussed in a forthcoming paper.

Downloads

Download data is not yet available.

Author Biographies

Mohammad Jawad Kadhim Abood, Department of Information Networks, College of Information Technology, University of Babylon, Babylon, Iraq

mu4su@uobabylon.edu.iq

Ghassan Hameed Abdul-Majeed, Department of Computer Engineering, College of Engineering , University of Baghdad, Baghdad, Iraq

ghassan@uob.edu.iq

Downloads

Published

2024-04-11

How to Cite

Mohammad Jawad Kadhim Abood, & Ghassan Hameed Abdul-Majeed. (2024). Enhancing Multi-Class DDoS Attack Classification using Machine Learning Techniques. Journal of Advanced Research in Applied Sciences and Engineering Technology, 43(2), 75–92. https://doi.org/10.37934/araset.43.2.7592

Issue

Section

Articles