UPM Institutional Repository

An intelligent DDoS attack detection tree-based model using Gini index feature selection method


Citation

Bouke, Mohamed Aly and Abdullah, Azizol and ALshatebi, Sameer Hamoud and Abdullah, Mohd Taufik and Atigh, Hayate El (2023) An intelligent DDoS attack detection tree-based model using Gini index feature selection method. Microprocessors and Microsystems, 98. art. no. 104823. pp. 1-10. ISSN 0141-9331

Abstract

Cyber security has recently garnered enormous attention due to the popularity of the Internet of Things (IoT), intelligent devices rapid growth, and a vast number of real-life applications. As a result, detecting threats and constructing an efficient Intrusion detection system (IDS) have become crucial in todays security requirements. Withal, the large amount of high dimensional data might influence detection effectiveness and raise the computation requirements. Artificial Intelligence (AI) has recently attracted much attention and is widely used to build intelligent IDSs to preserve data confidentiality, integrity, and availability. Distributed denial of service (DDoS) is a denial of service (DoS) variant mainly targeting asset availability. Preventing DoS at the network or infrastructure level typically depends on implementing an IDS. This paper proposes a novel intelligent DDoS attack detection model based on a Decision Tee (DT) algorithm and an enhanced Gini index feature selection method. Our approach is evaluated on the UNSW-NB15 dataset, which contains 1,140,045 samples and is more recent and comprehensive than those used in previous works. Our system achieved an overall accuracy of 98, outperforming baseline models that used more advanced algorithms such as Random Forest and XGBoost. Our enhanced Gini index feature selection method allowed us to select only 13 out of 45 security features, significantly reducing the data dimensionality and avoiding overfitting issues. Our model also has a lower false alarm rate, misclassifying only 2 of the testing instances. Our approach is, therefore, highly effective and efficient, with the potential to be used in real-world network security applications.


Download File

Full text not available from this repository.

Additional Metadata

Item Type: Article
Divisions: Faculty of Computer Science and Information Technology
DOI Number: https://doi.org/10.1016/j.micpro.2023.104823
Publisher: Elsevier B.V.
Keywords: Feature importance; Decision trees; Gini index; DDoS; UNSW-NB15; Industry; Innovation and infrastructure
Depositing User: Ms. Che Wa Zakaria
Date Deposited: 21 Oct 2024 01:53
Last Modified: 21 Oct 2024 01:53
Altmetrics: http://www.altmetric.com/details.php?domain=psasir.upm.edu.my&doi=10.1016/j.micpro.2023.104823
URI: http://psasir.upm.edu.my/id/eprint/106576
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item