DDoS Attack Detection System Using Machine Learning Techniques

Abstract

Distributed Denial of Service (DDoS) attacks are the major issues that introduce disruption of accessibility and reliability of the network services. The purpose of this paper is to demonstrate an overall recognized machine learning based system that can efficiently identify and classify DDoS attacks using a rich dataset allowing us to work with various installation network traffic attributes, we have developed an automatically classification pipeline the Random Forest Classifier which is known for its high performance in handling large datasets and heterogeneous data. These learnt models were then combined with Decision Tree, Gradient Boosting, and Logistic Regression models to provide a better way analyze the product. An important step involved in this framework is the data preprocessing pipeline that involves one-hot encoding of categorical features to numerical features and scaling for the numerical features, leading to model input optimization. Efficiency of our models is assessed through metrics just as accuracy, precision, recall, and F1-score and it is further validated using cross-validation techniques. The top models are being evaluated by powerful tools, which include feature importance visualization, confusion matrices, precision-recall curves, and calibration curves, for a deeper understanding of their predictive ability as well as their decision-making processes, within those models. A feedback loop mechanism for the iterative betterment and adaptation of the model is accounted which learns from new patterns actively. This approach demonstrates good evaluation and robust in identifying DDoS attacks that are threat of cybersecurity defenses using machine learning.