Open Access iconOpen Access



Comprehensive DDoS Attack Classification Using Machine Learning Algorithms

Olga Ussatova1,2, Aidana Zhumabekova1,*, Yenlik Begimbayeva2,3, Eric T. Matson4, Nikita Ussatov5

1 Al-Farabi Kazakh National University, Almaty, 050040, Kazakhstan
2 Institute of Information and Computational Technologies, Almaty, 050010, Kazakhstan
3 Satbayev University, Almaty, 050013, Kazakhstan
4 Purdue University, West Lafayette, 47907, IN, USA
5 Turan University, Almaty, 050013, Kazakhstan

* Corresponding Author: Aidana Zhumabekova. Email: email

Computers, Materials & Continua 2022, 73(1), 577-594.


The fast development of Internet technologies ignited the growth of techniques for information security that protect data, networks, systems, and applications from various threats. There are many types of threats. The dedicated denial of service attack (DDoS) is one of the most serious and widespread attacks on Internet resources. This attack is intended to paralyze the victim's system and cause the service to fail. This work is devoted to the classification of DDoS attacks in the special network environment called Software-Defined Networking (SDN) using machine learning algorithms. The analyzed dataset included instances of two classes: benign and malicious. As the dataset contained twenty-two features, the feature selection techniques were required for dimensionality reduction. In these experiments, the Information gain, the Chi-square, and the F-test were applied to decrease the number of features to ten. The classes were also not completely balanced, so undersampling, oversampling, and synthetic minority oversampling (SMOTE) techniques were used to balance classes equally. The previous research works observed the classification of DDoS attacks applying various feature selection techniques and one or more machine learning algorithms. Still, they did not pay much attention to classifying the combinations of feature selection and balancing methods with different machine learning algorithms. This work is devoted to the classification of datasets with eight machine learning algorithms: naïve Bayes, logistic regression, support vector machine, k-nearest neighbors, decision tree, random forest, XGBoost, and CatBoost. In the experimental results, the Information gain and F-test feature selection methods achieved better performance with all eight ML algorithms than with the Chi-square technique. Furthermore, the accuracy values of the oversampled and SMOTE datasets were higher than that of the undersampled and imbalanced datasets. Among machine learning algorithms, the accuracy of support vector machine, logistic regression, and naïve Bayes fluctuates between 0.59 and 0.75, while decision tree, random forest, XGBoost, and CatBoost allowed achieving values around 0.99 and 1.00 with all feature selection and class balancing techniques among all the algorithms.


Cite This Article

O. Ussatova, A. Zhumabekova, Y. Begimbayeva, E. T. Matson and N. Ussatov, "Comprehensive ddos attack classification using machine learning algorithms," Computers, Materials & Continua, vol. 73, no.1, pp. 577–594, 2022.

cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 1525


  • 916


  • 0


Share Link