Optimizing Ddos Attack Detection Performance Through Feature Selection In Machine Learning
DOI:
https://doi.org/10.31598/sintechjournal.v8i2.1914Keywords:
DDoS, Cyber Attack, Machine Learning, Feature Selection, Computational EfficiencyAbstract
Distributed Denial of Service (DDoS) attacks continue to pose significant challenges to cybersecurity infrastructure by overwhelming servers with massive traffic, rendering them inaccessible. Machine learning (ML) has become a critical tool for detecting such attacks efficiently. This study aims to enhance DDoS detection by applying and comparing three feature selection methods—Recursive Feature Elimination (RFE), Principal Component Analysis (PCA), and Information Gain (IG)—in conjunction with four ensemble-based classification algorithms: Random Forest (RF), LightGBM, XGBoost, and AdaBoost. The CIC-DDoS2019 dataset is utilized due to its diversity and representation of modern DDoS scenarios. The proposed approach evaluates each combination of feature selection and classification models based on accuracy, precision, recall, and F1-score. Furthermore, we incorporate k-fold cross-validation to ensure model robustness and assess computational efficiency during training and inference stages. The experimental results demonstrate that the combination of RFE with LightGBM yields superior performance across all evaluation metrics while maintaining low resource utilization. The novelty of this work lies in its systematic comparison of feature selection methods under hardware-aware constraints and its contribution to guiding efficient ML-based DDoS mitigation strategies. This study bridges the gap between detection accuracy and system efficiency, making it suitable for deployment in constrained environments such as edge devices or cloud-based intrusion detection systems.
References
[1] O. Ussatova, A. Zhumbekova, Y. Begimbayeva, E. Matson, and N. Ussatov, “Comprehensive DDoS attack classification using machine learning algorithms,” Computers, Materials & Continua, vol. 73, no. 1, pp. –, 2022.
[2] I. Cvitić, “An overview of distributed denial of service traffic detection approaches,” Promet – Traffic & Transportation, vol. 31, no. 4, pp. 453–464, 2019.
[3] K. Sahoo, B. Tripathy, K. Naik, S. Ramasubbareddy, B. Balusamy, M. Khari, and D. Burgos, “An evolutionary SVM model for DDoS attack detection in software defined networks,” IEEE Access, vol. 8, pp. 13502–132513, 2020.
[4] A. Aljuhani, “Machine learning approaches for combating distributed denial of service attacks in modern networking environments,” IEEE Access, vol. 9, pp. –, 2021.
[5] A. J. Perez-Diaz, A. I. Valdovinos, R. K. Choo, and D. Zhu, “A flexible SDN-based architecture for identifying and mitigating low-rate DDoS attacks using machine learning,” IEEE Access, vol. 8, pp. 155859–155872, 2020.
[6] K. Dasari and N. Devarakonda, “Detection of TCP-based DDoS attacks with SVM classification with different kernel functions using common uncorrelated feature subsets,” Int. J. Safety and Security Eng., vol. 12, no. 2, pp. 239–249, 2022.
[7] S. Dheyab, S. Abdulameer, and S. Mostafa, “Efficient machine learning model for DDoS detection system based on dimensionality reduction,” Acta Informatica Pragensia, vol. 11, no. 3, pp. 348–360, 2022.
[8] M. Marvi, A. Arfeen, and R. Uddin, “A generalized machine learning-based model for the detection of DDoS attacks,” Int. J. Network Management, vol. 31, no. 6, 2021.
[9] O. E. Omuya, O. G. Okeyo, and W. M. Kimwele, “Feature selection for classification using principal component analysis and information gain,” Expert Syst. Appl., vol. 174, 2021.
[10] D. Upadhyay, J. Manero, M. Zaman, and S. Sampalli, “Intrusion detection in SCADA based power grids: recursive feature elimination model with majority vote ensemble algorithm,” IEEE Trans. Netw. Sci. Eng., vol. 8, no. 3, pp. 2559–2574, 2021.
[11] Z. Ahmad, A. Khan, C. W. Shiang, J. Abdullah, and F. Ahmad, “Network intrusion detection system: a systematic study of machine learning and deep learning approaches,” Trans. Emerg. Telecommun. Technol., vol. 32, no. 1, 2021.
[12] I. Ismail, M. Mohmand, H. Hussain, A. Khan, U. Ullah, M. Zakarya, A. Ahmed, M. Raza, I. Rahman, and M. Haleem, “A machine learning-based classification and prediction technique for DDoS attacks,” IEEE Access, vol. 10, pp. 21443–21454, 2022.
[13] J. Bhayo, S. Shah, S. Hameed, A. Ahmed, J. Nasir, and D. Draheim, “Towards a machine learning-based framework for DDoS attack detection in software-defined IoT (SD-IoT) networks,” Eng. Appl. Artif. Intell., vol. 123, 2023.
[14] M. Aslam, D. Ye, A. Tariq, M. Asad, M. Hanif, D. Ndzi, S. Chelloug, M. Elaziz, M. Al-Qaness, and S. Jilani, “Adaptive machine learning based distributed denial-of-services attacks detection and mitigation system for SDN-enabled IoT,” Sensors, vol. 22, no. 7, 2022.
[15] M. Alshahrani, “A secure and intelligent software-defined networking framework for future smart cities to prevent DDoS attack,” Appl. Sci., vol. 13, no. 17, 2023.
[16] H. Polat, O. Polat, and A. Cetin, “Detecting DDoS attacks in software-defined networks through feature selection methods and machine learning models,” Sustainability, vol. 12, no. 3, 2020.
[17] A. Azhari, A. Muhammad, and C. Foozy, “Machine learning-based distributed denial of service attack detection on intrusion detection system regarding to feature selection,” Int. J. Artif. Intell. Res., vol. 4, no. 1, 2020.
[18] C. Bagyalakshmi and S. Samundeeswari, “DDoS attack classification on cloud environment using machine learning techniques with different feature selection methods,” Int. J. Adv. Trends Comput. Sci. Eng., vol. 9, no. 5, pp. 7301–7308, 2020.
[19] A. Barkah, S. Selamat, Z. Abidin, and R. Wahyudi, “Impact of data balancing and feature selection on machine learning-based network intrusion detection,” Int. J. Informatics Visualization, vol. 7, no. 1, 2023.
[20] M. Gupta and P. Chandra, “A comprehensive survey of data mining,” Int. J. Inf. Technol., vol. 12, no. 4, pp. 1243–1257, 2020.
[21] J. Bian and S. Fu, “Application of data mining in predictive analysis of network security model,” Security Commun. Netw., vol. 2022, no. 8, 2022.
[22] C. Castillo-Olea, B. Soto, C. Lozano, and C. Zuñiga, “Automatic classification of sarcopenia level in older adults: a case study at Tijuana General Hospital,” Int. J. Environ. Res. Public Health, vol. 16, no. 18, 2019.
[23] D. Kurnia, M. Mazdadi, D. Kartini, R. Nugroho, and F. Abadi, “Seleksi fitur dengan particle swarm optimization pada klasifikasi penyakit Parkinson menggunakan XGBoost,” J. Teknol. Inf. dan Ilmu Komput., vol. 10, no. 5, pp. 1083–1094, 2023.
[24] H. Saifullah, N. Adiwijaya, and T. Dharmawan, “Optimization of machine learning algorithms with bagging and AdaBoost methods for stroke disease prediction,” Appl. Med. Inform., vol. 45, no. 2, pp. 70–81, 2023.
[25] J. Kim, H. Lee, and J. Oh, “Study on prediction of ship’s power using light GBM and XGBoost,” J. Adv. Mar. Eng. Technol., vol. 44, no. 2, pp. 174–180
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Purnama Shiddiq M, Ferry Norman S, Luhur Bayu A
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
1.png)
