DDoS Attacks Detection Method Using Feature Importance and Support Vector Machine

Authors

  • Ahmad Sanmorino Universitas Indo Global Mandiri
  • Rendra Gustriansyah Universitas Indo Global Mandiri
  • Juhaini Alie Universitas Indo Global Mandiri

DOI:

https://doi.org/10.30595/juita.v10i2.14939

Keywords:

Distributed denial-of-service attacks detection method, feature importance, support vector machine

Abstract

In this study, the authors aim to prove that the combination of feature importance and a support vector machine is relevant to detecting distributed denial-of-service attacks. A distributed denial-of-service attack is a very dangerous type of attack because it causes enormous losses to the victim server. The study begins with determining network traffic features, followed by collecting datasets. The authors use 1000 randomly selected network traffic datasets for feature selection and modeling. In the next stage, feature importance is used to select relevant features as inputs to a model based on the support vector machine algorithm. The modeling results were evaluated using a confusion matrix. Based on this evaluation, recall is 93 percent, precision is 95 percent, and accuracy is 92 percent. The authors also compare the proposed method to several other methods. The comparison shows that the proposed method performs at a fairly good level in detecting distributed denial-of-service attacks. We realize that this result was influenced by many factors, so further studies are needed in the future.

Author Biographies

Ahmad Sanmorino, Universitas Indo Global Mandiri

Faculty of Computer Science

Rendra Gustriansyah, Universitas Indo Global Mandiri

Faculty of Computer Science

Juhaini Alie, Universitas Indo Global Mandiri

Faculty of Economics

Published

2022-11-14

How to Cite

Sanmorino, A., Gustriansyah, R., & Alie, J. (2022). DDoS Attacks Detection Method Using Feature Importance and Support Vector Machine. JUITA: Jurnal Informatika, 10(2), 167–171. https://doi.org/10.30595/juita.v10i2.14939
