Abstract:
Distributed Denial of Service (DDoS) attacks are a primary concern for network security, inundating victims with botnet-generated traffic to render them largely inoperable. This work explores how machine learning techniques can be used to detect DDoS attacks effectively, using a feature set of various network traffic features and an extracted basic dataset that labels each sample as either benign or DDoS. The research method consisted of strict preprocessing of the data, in which missing values were eliminated and a train-test split was performed with 70% training data and 30% testing data. This split was decisive in guaranteeing a realistic evaluation of the models. A total of five separate machine learning models were implemented: Random Forest, Logistic Regression, Neural Network, Support Vector Machine (SVM), and K-Nearest Neighbors (KNN). A hybrid model was also developed using a soft voting classifier, which combines the votes of these models to blend their advantages. The models were evaluated robustly on several metrics, including accuracy, precision, recall, F1 score, and area under the ROC curve (AUC). Confusion matrices and ROC curves gave a detailed picture of classification performance, and the models achieved strong results in separating benign from malicious traffic. The outcomes indicated that the Random Forest model, owing to its handling of complex feature interactions, and the hybrid model, owing to ensembling, performed better at detection. The results show that combining different ML techniques improves the accuracy and robustness of DDoS detection. This research makes significant contributions towards improving detection mechanisms, which can greatly affect the development of more secure networks, including those that limit the impact of DDoS attacks, as computational infrastructures become more sophisticated and more overtly susceptible to disruption by such attacks.
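The pipeline summarized above can be sketched with scikit-learn as follows. This is an added example, not the authors' code: the dataset is synthetic and constructed here as a stand-in for labelled flow features, and all hyperparameters and function names are assumptions.

```python
import numpy as np
from sklearn.datasets import make_classification
from sklearn.ensemble import RandomForestClassifier, VotingClassifier
from sklearn.linear_model import LogisticRegression
from sklearn.metrics import (accuracy_score, confusion_matrix, f1_score,
                             precision_score, recall_score, roc_auc_score)
from sklearn.model_selection import train_test_split
from sklearn.neighbors import KNeighborsClassifier
from sklearn.neural_network import MLPClassifier
from sklearn.pipeline import make_pipeline
from sklearn.preprocessing import StandardScaler
from sklearn.svm import SVC

def build_dataset(seed=0):
    # Constructed stand-in for traffic features; label 1 = DDoS, 0 = benign.
    X, y = make_classification(n_samples=1200, n_features=10, n_informative=6,
                               class_sep=2.0, random_state=seed)
    rng = np.random.default_rng(seed)
    X[rng.integers(0, len(X), 40), rng.integers(0, X.shape[1], 40)] = np.nan
    keep = ~np.isnan(X).any(axis=1)  # preprocessing: drop rows with missing values
    return X[keep], y[keep]

def build_hybrid(seed=0):
    # Scaling lives inside each pipeline, so it is fitted on training data only.
    def scaled(est):
        return make_pipeline(StandardScaler(), est)
    models = [
        ("rf", RandomForestClassifier(n_estimators=100, random_state=seed)),
        ("lr", scaled(LogisticRegression(max_iter=1000))),
        ("nn", scaled(MLPClassifier((32,), max_iter=1000, random_state=seed))),
        ("svm", scaled(SVC(probability=True, random_state=seed))),
        ("knn", scaled(KNeighborsClassifier(n_neighbors=5))),
    ]
    # Soft voting averages the five models' class probabilities.
    return VotingClassifier(estimators=models, voting="soft")

def evaluate(seed=0):
    X, y = build_dataset(seed)
    X_tr, X_te, y_tr, y_te = train_test_split(X, y, test_size=0.30,
                                              random_state=seed)  # 70/30 split
    clf = build_hybrid(seed).fit(X_tr, y_tr)
    pred, prob = clf.predict(X_te), clf.predict_proba(X_te)[:, 1]
    scores = {f.__name__: f(y_te, pred) for f in
              (accuracy_score, precision_score, recall_score, f1_score)}
    scores.update(roc_auc_score=roc_auc_score(y_te, prob), n_total=len(y),
                  n_test=len(y_te), confusion_matrix=confusion_matrix(y_te, pred))
    return scores

if __name__ == "__main__":
    for name, value in evaluate().items():
        print(name, value, sep=": ")
```

The scores on this synthetic data say nothing about the paper's results; on real captures the held-out 30% has to stay untouched until the final evaluation.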