DDoS Attacks Detection Method Using Feature Importance and Support Vector Machine

Abstract

In this study, the author wants to prove the combination of feature importance and support vector machine relevant to detecting distributed denial-of-service attacks. A distributed denial-of-service attack is a very dangerous type of attack because it causes enormous losses to the victim server. The study begins with determining network traffic features, followed by collecting datasets. The author uses 1000 randomly selected network traffic datasets for the purposes of feature selection and modeling. In the next stage, feature importance is used to select relevant features as modeling inputs based on support vector machine algorithms. The modeling results were evaluated using a confusion matrix table. Based on the evaluation using the confusion matrix, the score for the recall is 93 percent, precision is 95 percent, and accuracy is 92 percent. The author also compares the proposed method to several other methods. The comparison results show the performance of the proposed method is at a fairly good level in detecting distributed denial-of-service attacks. We realized this result was influenced by many factors, so further studies are needed in the future.