RF-RFE-SMOTE: A DoS And DDoS Attack Detection Framework

NTU Journal of Engineering and Technology Pub Date : 2023-10-17 DOI:10.56286/ntujet.v2i2.436

Nora Rashid Najam, Razan Abdulhammed Abduljawad

{"title":"RF-RFE-SMOTE: A DoS And DDoS Attack Detection Framework","authors":"Nora Rashid Najam, Razan Abdulhammed Abduljawad","doi":"10.56286/ntujet.v2i2.436","DOIUrl":null,"url":null,"abstract":"Denial of service and Distributed denial of service (Dos/DDos) attacks continue to be one of the most significant dangers in cybersecurity. Many efforts are being put into developing defenses against these types of attacks. The tools used by attackers to perform these types of attacks increase day-to-day. Thus, a countermeasure is necessary. For this reason, this thesis utilized one of the most recent datasets (CSE-CICIDS2018 and CIC-DDoS2019) containing most Dos/DDoS attacks. This study proposed a framework based on Machine Learning for detecting denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks. The framework comprises three main modules: feature selection method using Random Forest—Recursive Feature Elimination (RF-RFE), handling the Imbalanced class distributions using Synthetic Minority Oversampling Technique (SMOTE), and classification. This study used five classifiers to make comparisons that include Random Forest (RF), Naive Bayes (NB), Logistic Regression (LR), and Linear and Quadratic Discriminant Analysis (LDA, QDA)”. Framework empirical findings reveal that the RF-RFE_SMOTE_RF outperformed all other models by obtaining an accuracy of 100% for CSE-CIC-IDS2018 and 0.99% for CIC-DDoS2019.","PeriodicalId":500723,"journal":{"name":"NTU Journal of Engineering and Technology","volume":"10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"NTU Journal of Engineering and Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.56286/ntujet.v2i2.436","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Denial of service and Distributed denial of service (Dos/DDos) attacks continue to be one of the most significant dangers in cybersecurity. Many efforts are being put into developing defenses against these types of attacks. The tools used by attackers to perform these types of attacks increase day-to-day. Thus, a countermeasure is necessary. For this reason, this thesis utilized one of the most recent datasets (CSE-CICIDS2018 and CIC-DDoS2019) containing most Dos/DDoS attacks. This study proposed a framework based on Machine Learning for detecting denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks. The framework comprises three main modules: feature selection method using Random Forest—Recursive Feature Elimination (RF-RFE), handling the Imbalanced class distributions using Synthetic Minority Oversampling Technique (SMOTE), and classification. This study used five classifiers to make comparisons that include Random Forest (RF), Naive Bayes (NB), Logistic Regression (LR), and Linear and Quadratic Discriminant Analysis (LDA, QDA)”. Framework empirical findings reveal that the RF-RFE_SMOTE_RF outperformed all other models by obtaining an accuracy of 100% for CSE-CIC-IDS2018 and 0.99% for CIC-DDoS2019.

查看原文本刊更多论文

RF-RFE-SMOTE: DoS和DDoS攻击检测框架

拒绝服务和分布式拒绝服务(Dos/DDos)攻击仍然是网络安全中最重要的危险之一。人们正在努力开发针对这类攻击的防御措施。攻击者用于执行这些类型攻击的工具每天都在增加。因此，有必要制定对策。出于这个原因，本文使用了包含大多数Dos/DDoS攻击的最新数据集之一(CSE-CICIDS2018和CIC-DDoS2019)。本研究提出了一个基于机器学习的框架，用于检测拒绝服务(DoS)和分布式拒绝服务(DDoS)攻击。该框架包括三个主要模块:基于随机森林-递归特征消除(RF-RFE)的特征选择方法、基于合成少数派过采样技术(SMOTE)的不平衡类分布处理方法和分类方法。本研究使用五种分类器进行比较，包括随机森林(RF)、朴素贝叶斯(NB)、逻辑回归(LR)和线性和二次判别分析(LDA, QDA)。框架实证结果表明，RF-RFE_SMOTE_RF优于所有其他模型，CSE-CIC-IDS2018的准确率为100%，CIC-DDoS2019的准确率为0.99%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

NTU Journal of Engineering and Technology

自引率

0.00%

发文量