Feature Selection of Distributed Denial of Service (DDos) IoT Bot Attack Detection Using Machine Learning Techniques

Abstract

Distributed Denial of Service (DDoS) attacks can be made through numerous mediums, becoming one of the biggest threats to computer security. One of the most effective approaches is to develop an algorithm using Machine Learning (ML). However, the low accuracy of DDoS is because of the feature selection classifier and time-consuming detection. This research focuses on the feature selection of DDoS IoT bot attack detection using ML techniques. Two datasets from NetFlow, NF_ToN_IoT and NF_BoT_IoT, are manipulated with two attributes selection: Information Gain and Gain Ratio, and ranked using the Ranker algorithm. These datasets are then tested using four different algorithms, such as Naïve Bayes (NB). K-Nearest Neighbor (KNN), Decision Table (DT), and Random Forest (RF). The results were compared using confusion matrix evaluation Accuracy, True Positive, True Negative, Precision, and Recall. The result from two datasets is selected by the Top 4, Top 8, and Top 12 feature selection. The best overall classifier is Naïve Bayes, with an accuracy of 97.506% and 90.67% for both datasets NF_ToN_IoT and NF_BoT_IoT.