RF-RFE-SMOTE: A DoS And DDoS Attack Detection Framework

Abstract

Denial of service and Distributed denial of service (Dos/DDos) attacks continue to be one of the most significant dangers in cybersecurity. Many efforts are being put into developing defenses against these types of attacks. The tools used by attackers to perform these types of attacks increase day-to-day. Thus, a countermeasure is necessary. For this reason, this thesis utilized one of the most recent datasets (CSE-CICIDS2018 and CIC-DDoS2019) containing most Dos/DDoS attacks. This study proposed a framework based on Machine Learning for detecting denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks. The framework comprises three main modules: feature selection method using Random Forest—Recursive Feature Elimination (RF-RFE), handling the Imbalanced class distributions using Synthetic Minority Oversampling Technique (SMOTE), and classification. This study used five classifiers to make comparisons that include Random Forest (RF), Naive Bayes (NB), Logistic Regression (LR), and Linear and Quadratic Discriminant Analysis (LDA, QDA)^”. Framework empirical findings reveal that the RF-RFE_SMOTE_RF outperformed all other models by obtaining an accuracy of 100% for CSE-CIC-IDS2018 and 0.99% for CIC-DDoS2019.