
Classification of DDoS Attack with Machine Learning Architectures and Exploratory Analysis
Abstract
The ever-increasing frequency and sophistication of DDoS attacks pose a serious threat to network security. Accurate and efficient classification of DDoS attacks is crucial for developing effective defense mechanisms. In this thesis, we propose a novel approach to DDoS classification using the CatBoost algorithm on CICDDoS2019, a benchmark dataset containing 12 variations of DDoS attacks and legitimate traffic, using real-world traffic traces. With a developed ensemble feature selection method and feature engineering, our model proves to be a good fit for DDoS attack type prediction. Our experimental results demonstrate that the proposed approach achieves a high classification accuracy of 89.5% and outperforms several state-of-the-art machine learning algorithms in terms of both accuracy and computational efficiency. The thesis does not limit itself to achieving a good prediction score; it also uses the recently introduced concept of explainable AI (XAI) as a tool for ensuring the transparency and interpretability of the proposed approach. Our approach can be applied in real-world scenarios to enhance the security of network infrastructure against DDoS attacks.