JOURNAL ARTICLE

DDoS Attack Detection Based on Random Forest

Abstract

With the development of network technology, distributed denial of service (DDoS) attacks have increasingly become an important security risk that endangers the network. Because these attacks use common protocols and services, they are difficult to detect with traditional methods. Based on the idea of rational thinking, DDoS attack detection can be modeled as a classification problem that distinguishes between "rational" and "irrational" network flow states. This article analyzes the common TCP flood, UDP flood, and ICMP flood attacks in detail and defines data stream information entropy (DSIE) features to characterize attack behavior. A DDoS attack detection method based on a random forest classification (RFC) model is proposed, and classification models are established for the three typical attack types above. Through training and learning, the model then predicts whether network traffic is normal. Experimental results show that the RFC model can more accurately distinguish between normal traffic and attack traffic, with a higher detection rate and a lower false alarm rate.

Keywords:
Internet Control Message Protocol; Denial-of-service attack; Computer science; Application layer DDoS attack; Computer security; Random forest; Constant false alarm rate; Network security; Data mining; Computer network; Artificial intelligence; The Internet; Network packet

Metrics

Cited By: 26
FWCI (Field Weighted Citation Impact): 2.20
Refs: 14
Citation Normalized Percentile: 0.88

Topics

Network Security and Intrusion Detection
Physical Sciences →  Computer Science →  Computer Networks and Communications
Anomaly Detection Techniques and Applications
Physical Sciences →  Computer Science →  Artificial Intelligence
Advanced Malware Detection Techniques
Physical Sciences →  Computer Science →  Signal Processing

Related Documents

JOURNAL ARTICLE

Random Forest Implementation for Suricata-Based Real-Time DDoS Attack Detection

Juhari, Nuralamsah Zulkarnaim, Muh Rafli Rasyid, Andi M. Yusuf

Journal: Journal of Embedded Systems Security and Intelligent Systems Year: 2025 Pages: 119-132

JOURNAL ARTICLE

DDoS attack detection using MLP and Random Forest Algorithms

Ashfaq Ahmad Najar, S. Manohar Naik

Journal: International Journal of Information Technology Year: 2022 Vol: 14 (5) Pages: 2317-2327

BOOK-CHAPTER

SDN-Based DDOS Attack Identification Using Random Forest Classification

K. Radha, R. Parameswari

Algorithms for intelligent systems Year: 2024 Pages: 313-328