NORMA eResearch @NCI Library

A critical analysis of machine learning algorithms for detecting Distributed Denial of Service attacks

Stack, Catherine Patsy (2023) A critical analysis of machine learning algorithms for detecting Distributed Denial of Service attacks. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
PDF (Master of Science)
Download (751kB) | Preview
[thumbnail of Configuration manual]
PDF (Configuration manual)
Download (946kB) | Preview


The rapid increase in remote working and cloud migration has led to increased cyber-attacks along with the enhanced opportunity for cyber threats. This has propelled cybersecurity front and centre. In the latter part of 2020, ransomware groups were incorporating Distributed Denial of Service (DDoS) attacks into their ransom attacks in a kind of twin extortion so that leaves the victim under constant DDoS attack until the ransom is paid. This is why organisations must use more intelligent defensive mechanisms using Machine Learning algorithms in cybersecurity protection. The motivation for this research paper was to critically analyse machine learning algorithms used in the detection of DDoS attacks. The algorithms Random Forest, K-Nearest Neighbour, Naive Bayes, Decision Tree and Logistic Regression were analysed for precision, accuracy, recall, f1 rating along with training time of each classification model.

The results show that out of the five ML algorithms assessed, Random Forest, and K-Nearest Neighbour satisfied the problem statement goal of predicting 95% or greater accuracy. The Random Forest classifier performed the best overall with a 99% accuracy followed by K-NN with 96% accuracy. Logistic Regression performing least favourably with a 50% accuracy with Naïve Bayes and Decision Tree having an 85% and 92% respective accuracy percentage rates. Training time on the other hand had the Random Forest classification model perform poor with a time of 422ms recorded which was many times slower than that of all of the other classification models with KNN perform the quickest with 15.6ms and the remaining having a time of 31.2ms each.

Item Type: Thesis (Masters)
Sahni, Vikas
Uncontrolled Keywords: Machine Learning algorithms (ML); Distributed Denial of Service (DDoS); Flooding attack; DDoS defense mechanisms; Botnets
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Algebra > Algorithms > Computer algorithms
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Q Science > Q Science (General) > Self-organizing systems. Conscious automata > Machine learning
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 15 Jan 2024 16:59
Last Modified: 15 Jan 2024 16:59

Actions (login required)

View Item View Item