Feature Selection Approach to Detect DDoS Attack Using Machine Learning Algorithms

Muhammad Aqil Haqeemi Azmi - Information Security Interest Group (ISIG), Faculty of Computer Science and Information Technology, Universiti Tun Hussein Onn Malaysia, Parit Raja, 86400, Batu Pahat, Johor, Malaysia
Cik Feresa Mohd Foozy - Information Security Interest Group (ISIG), Faculty of Computer Science and Information Technology, Universiti Tun Hussein Onn Malaysia, Parit Raja, 86400, Batu Pahat, Johor, Malaysia
Khairul Amin Mohamad Sukri - Information Security Interest Group (ISIG), Faculty of Computer Science and Information Technology, Universiti Tun Hussein Onn Malaysia, Parit Raja, 86400, Batu Pahat, Johor, Malaysia
Nurul Azma Abdullah - Information Security Interest Group (ISIG), Faculty of Computer Science and Information Technology, Universiti Tun Hussein Onn Malaysia, Parit Raja, 86400, Batu Pahat, Johor, Malaysia
Isredza Rahmi A. Hamid - Center For Information Security Research (CISR), Faculty of Computer Science and Information Technology, Universiti Tun Hussein Onn Malaysia, Parit Raja, 86400, Batu Pahat, Johor, Malaysia
Hidra Amnur - Department of Information Technology, Politeknik Negeri Padang, West Sumatera, Indonesia


DOI: http://dx.doi.org/10.30630/joiv.5.4.734

Abstract


Distributed Denial of Service (DDoS) attacks are dangerous attacks that can disrupt a server, a system, or the application layer. A DDoS attack floods the target server with more Internet traffic than it can handle at one time, so an affected server may stop working. The possibility of such an attack makes the network security environment insecure. In recent years, the number of cases related to DDoS attacks has increased, and DDoS attacks persist despite a lot of previous research on them. This research therefore applies a feature selection approach in an effort to detect DDoS attacks using machine learning techniques. In this paper, features were selected from the UNSW-NB 15 dataset using the Information Gain and Data Reduction methods. The ANN, Naïve Bayes, and Decision Table algorithms were then used to classify the data, with the selected features, into attack and normal classes. The results of the experiment were evaluated using the parameters Accuracy, Precision, True Positive and False Positive. Good features were obtained based on the experiments. To check whether the selected features are good, the classification results were compared with past research that used the same UNSW-NB 15 dataset. In conclusion, the feature selection approach increased the accuracy of the ANN, Naïve Bayes, and Decision Table classifiers compared to the past research.
