Klíčová slova: Distributed Denial of Service (DDoS); Intrusion Detection Systems (IDS); Machine Learning (ML); Random Forest (RF); Decision Tree (DT); Dimensionality Reduction (DR)
Anotace:
Distributed denial of service (DDoS) attacks are one of the most common global challenges faced by service providers on the web. It leads to network disturbances, interruption of communication and significant damage to services. Researchers seek to develop intelligent algorithms to detect and prevent DDoS attacks. The present study proposes an efficient DDoS attack detection model. This model relies mainly on dimensionality reduction and machine learning algorithms. The principal component analysis (PCA) and the linear discriminant analysis (LDA) techniques perform the dimensionality reduction in individual and hybrid modes to process and improve the data. Subsequently, DDoS attack detection is performed based on random forest (RF) and decision tree (DT) algorithms. The model is implemented and tested on the CICDDoS2019 dataset using different data dimensionality reduction test scenarios. The results show that using dimensionality reduction techniques along with the ML algorithms with a dataset containing high-dimensional data significantly improves the classification results. The best accuracy result of 99.97% is obtained when the model operates in a hybrid mode based on a combination of PCA, LDA and RF algorithms, and the data reduction parameter equals 40.