Abstract
SummaryAs time is progressing, the number and the complexity of methods adopted for launching distributed denial of service (DDoS) attacks are changing. Therefore, we propose a methodology for the development of a generalized machine learning (ML)‐based model for the detection of DDoS attacks. After exploring various attributes of the dataset chosen for this study, we propose an integrated feature selection (IFS) method which consists of three stages and integration of two different methods, that is, filter and embedded methods to select features which highly contribute to the detection of various types of DDoS attacks. We use light gradient boosting machine (LGBM) algorithm for training of the model for classification of benign and malicious flows. For ensuring satisfactory performance and generalized behavior of the developed model, we test it by passing records of unseen DDoS attack types. Several performance metrics are employed for the evaluation of the model. By comparing the performance of developed model against state‐of‐the‐art models, we state an improvement of around 20% for almost all the reported metrics. We also show that the performance of the model improves if feature space is reduced by 77%. Furthermore, the generalized behavior of the developed model is justified by demonstrating a trade‐off between high variance and high bias ML models.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
