DDoS Attack Detection Using Machine Learning and Improved Clustering Algorithm

Abstract

Distributed Denial of Service (DDoS) attacks have recently emerged as one of the most destructive threats to network systems. This paper aims to develop a technique that efficiently identifies DDoS attacks in networked systems by leveraging improved clustering techniques and machine learning algorithms. This methodology employs a Modified Fuzzy C-Means (MFCM) clustering algorithm to partition the available DDoS attack dataset and integrate a classification algorithm to accurately detect attacks and classify data based on specific network characteristics derived from the transformed data packets. The clustering algorithm predominantly relies on distance measurements derived from fuzzy coefficients, significantly limiting its ability to identify and classify emerging attack scenarios. The current study introduces the integration of the MFCM clustering algorithm with sophisticated classification techniques to enhance accuracy and minimize errors. The efficacy of the modified clustering algorithm was evaluated using the entropy criterion, and a value of 0.99 was attained, demonstrating superior performance relative to traditional algorithms. The training algorithm was rigorously evaluated utilizing established performance metrics, such as accuracy, detection rate, and false positive rate. The results indicate that the accuracy improved consistently across all classification algorithms applied, contributing to an enhanced attack detection rate.