RF-RFE-SMOTE: A DoS And DDoS Attack Detection Framework

Authors

  • Nora Rashid Najam Northern Technical University
  • Razan Abdulhammed Abduljawad Northern Technical University

DOI:

https://doi.org/10.56286/ntujet.v2i2.436

Keywords:

DDoS Detection; Machine Learning; Imbalanced Dataset; Feature Selection; CIC-IDS-2018; CIC-DDoS2019

Abstract

Denial of service and Distributed denial of service (Dos/DDos) attacks continue to be one of the most significant dangers in cybersecurity. Many efforts are being put into developing defenses against these types of attacks. The tools used by attackers to perform these types of attacks increase day-to-day. Thus, a countermeasure is necessary. For this reason, this thesis utilized one of the most recent datasets (CSE-CICIDS2018 and CIC-DDoS2019) containing most Dos/DDoS attacks. This study proposed a framework based on Machine Learning for detecting denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks. The framework comprises three main modules: feature selection method using Random Forest—Recursive Feature Elimination (RF-RFE), handling the Imbalanced class distributions using Synthetic Minority Oversampling Technique (SMOTE), and classification. This study used five classifiers to make comparisons that include Random Forest (RF), Naive Bayes (NB), Logistic Regression (LR), and Linear and Quadratic Discriminant Analysis (LDA, QDA). Framework empirical findings reveal that the RF-RFE_SMOTE_RF outperformed all other models by obtaining an accuracy of 100% for CSE-CIC-IDS2018 and 0.99% for CIC-DDoS2019.

Additional Files

Published

2023-10-17

Issue

Section

Articles

How to Cite

[1]
“RF-RFE-SMOTE: A DoS And DDoS Attack Detection Framework”, NTU-JET, vol. 2, no. 2, Oct. 2023, doi: 10.56286/ntujet.v2i2.436.

Similar Articles

11-19 of 19

You may also start an advanced similarity search for this article.