School of Mathematical & Statistical Sciences Faculty Publications and Presentations

Performance Analysis of Machine Learning Algorithms on Imbalanced DDoS Attack Dataset

Document Type

Conference Proceeding

Publication Date

7-2024

Abstract

Distributed Denial of Service (DDoS) attacks have been a significant challenge, presenting a substantial threat to the stability and security of the Internet. Detecting and mitigating DDoS attacks effectively remains challenging due to their unique characteristics. Recently, Artificial Intelligence (AI) and Machine Learning (ML) technologies have been introduced to develop efficient Intrusion Detection Systems (IDS) for detecting and preventing DDoS attacks. In this study, three distinct machine learning algorithms, namely Random Forest (RF), Naïve Bayes (NB), and K-Nearest Neighbors (KNN), were used to construct an IDS for identifying TCP-SYN based DDoS attack using the CIC-DDoS 2019 dataset. For this study, we employed a dataset comprising 200,000 samples of TCP-SYN attack data to assess the effectiveness of machine learning models in constructing an Intrusion Detection System (IDS). However, we found that this dataset was imbalanced which could impact the overall performance. To tackle the imbalance problem, four different techniques, namely SMOTE, ADASYN, SMOTE + Tomek Link, and SMOTE + ENN, were utilized, and their performances were evaluated. Subsequently, the performance of three ML models was assessed using metrics such as precision, recall, F1 score, balanced accuracy, and AUC score under four different balancing techniques. In this paper, we conducted simulations to compare the performance of these ML models with different balancing techniques.

Comments

Copyright IEEE.

Publication Title

2024 IEEE World AI IoT Congress (AIIoT)

DOI

10.1109/AIIoT61789.2024.10579021

Link to Full Text

Share

COinS