DDoS Attack Detection Using Hybrid Machine Learning Based IDS Models

Sumathi, S ; Rajesh, R ; Karthikeyan, N


A kind of cyber-attack that severely paralyzes the victim server by injecting illegitimate packets of data is a DDoS attack, which is progressive in nature. Therefore its detection is a highly tedious task. Hence, IDS models are developed to detect this attack efficiently, based on machine learning algorithms such as C4.5, SVM, and KNN classifier algorithms and 10-fold cross validation techniques. The NSL-KDD bench mark dataset is employed to validate the models experimentally. A 10-fold cross validation technique is used to select the trend features, and ten trial runs are made to avoid biased output. The classic SVM classifier model reported better accuracy, but the precision and sensitivity of the C4.5 classifier algorithm are better than that of SVM and KNN models. In order to improve the performance of the machine learning based intrusion detection models, an attempt is made to feed the SVM and KNN based IDS model with the features selected by C4.5 classifier algorithm, and the obtained performance metric values are reported. It is evident from the results obtained that the hybrid combination of C4.5 with SVM out performed all other models discussed in this research with an accuracy of 0.9604.


Distributed denial of service, K-nearest neighbors, NSL-KDD dataset, Support vector machine

Full Text: PDF (downloaded 194 times)


  • There are currently no refbacks.
This abstract viewed 269 times