Real-Time Detection and Mitigation of DDoS Attacks using Machine Learning Approach

Abstract

Among the diverse threats that wait in the digital realm, Distributed Denial of Service (DDoS) attacks emerge large as an insidious and ever-evolving menace. A Distributed Denial of Service attack is a malicious attempt to affect the availability of a targeted system, such as a website or application, to legitimate end users. The motivation behind this thesis is to harness the potential of machine learning to develop a system capable of real-time detection and mitigation of DDoS attacks. By doing so, we aim to fortify the cybersecurity landscape and ensure that organizations and individuals can navigate the digital world with greater resilience and security in the face of this persistent threat. The core issues the research aim to tackle is the imperative for an advanced and real-time DDoS detection and mitigation system, driven by Machine Learning (ML) methodologies. Even though there are various other security issue that must be addressed, safeguard network against Distributed Denial-of-Service (DDoS) attacks, ensuring that legitimate users can access the service while mitigating malicious packets from infiltrating the network is the primary scope of the research. A proposed real time detection and mitigation model for DDoS attack predict the class of traffic and mitigate it with IP blocking mechanism. The dataset for this study was obtained from real world public data source. The study proposed 6 models: SVM, DT, RF, NB, KNN and LR and Bidirectional feature selection techniques. The proposed model was evaluated using performance evaluation metrics and SVM outperformed other models on our dataset achieving accuracy of 97.3%. Finally, the model with better performance result are selected as the model with excellent detection result of DDoS attack.