Perbandingan Pendekatan Machine Learning dalam Deteksi Serangan DDoS Jaringan Komputer
Abstract views: 0
,
Abstract
Distributed Denial of Service (DDoS) attacks are a serious threat to computer network security. This study offers a comprehensive evaluation by considering accuracy, detection time, and model complexity in simulation scenarios. Using the CICDDoS2019 dataset, which includes modern attack variations and complete features, this research compares the effectiveness of Naïve Bayes (NB), Random Forest (RF), and Decision Tree (DT) algorithms in detecting DDoS attacks. The results show that RF achieves the highest accuracy (99.95%), while DT excels in recall (99.83%). These findings provide a foundation for developing hybrid ML-DL models to enhance real-time attack detection. However, limitations such as using a single dataset and offline simulations restrict the generalizability of results to real-world network conditions. This study highlights opportunities for more comprehensive future research in real-world scenarios.
References
R. Umar, A. Yudhana, and M. Nur Faiz, “Experimental Analysis of Web Browser Sessions Using Live Forensics Method,” Int. J. Electr. Comput. Eng., vol. 8, no. 5, p. 2951, 2018, doi: 10.11591/ijece.v8i5.pp2951-2958.
G. P. R. W. K. Pertiwi, “Google Gagalkan Serangan DDoS Terbesar Sepanjang Sejarah, Indonesia Salah Satu ‘Dalang,’” Kompas.com Artikel ini telah tayang di Kompas.com dengan judul "Google Gagalkan Serangan DDoS Terbesar Sepanjang Sejarah, Indonesia Sal, 2023.
Cisco, “Cisco Annual Internet Report (2018–2023),” Cisco Annual Internet Report, 2020. https://www.cisco.com/c/en/us/solutions/collateral/executive-perspectives/annual-internet-report/white-paper-c11-741490.html (accessed Jan. 20, 2023).
D. Arivudainambi, V. K. K.A, and S. Sibi Chakkaravarthy, “LION IDS: A meta-heuristics approach to detect DDoS attacks against Software-Defined Networks,” Neural Comput. Appl., vol. 31, no. 5, pp. 1491–1501, May 2019, doi: 10.1007/s00521-018-3383-7.
T. Saranya, S. Sridevi, C. Deisy, T. D. Chung, and M. K. A. A. Khan, “Performance Analysis of Machine Learning Algorithms in Intrusion Detection System: A Review,” Procedia Comput. Sci., vol. 171, no. 2019, pp. 1251–1260, 2020, doi: 10.1016/j.procs.2020.04.133.
K. Kurniabudi, A. Harris, and E. Rosanda, “Optimalisasi Seleksi Fitur Untuk Deteksi Serangan Pada IoT Menggunakan Classifier Subset Evaluator,” JURIKOM (Jurnal Ris. Komputer), vol. 9, no. 4, p. 885, 2022, doi: 10.30865/jurikom.v9i4.4618.
P. Kaur, M. Kumar, and A. Bhandari, “A review of detection approaches for distributed denial of service attacks,” Syst. Sci. Control Eng., vol. 5, no. 1, pp. 301–320, 2017, doi: 10.1080/21642583.2017.1331768.
E. M. Bårli, A. Yazidi, E. H. Viedma, and H. Haugerud, “DoS and DDoS mitigation using Variational Autoencoders,” Comput. Networks, vol. 199, no. June, p. 108399, 2021, doi: 10.1016/j.comnet.2021.108399.
M. Odusami, S. Misra, O. Abayomi-Alli, A. Abayomi-Alli, and L. Fernandez-Sanz, “A survey and meta-analysis of application-layer distributed denial-of-service attack,” Int. J. Commun. Syst., vol. 33, no. 18, pp. 1–24, 2020, doi: 10.1002/dac.4603.
K. B. Dasari and N. Devarakonda, “Detection of different DDoS attacks using machine learning classification Algorithms,” Ing. des Syst. d’Information, vol. 26, no. 5, pp. 461–468, 2021, doi: 10.18280/isi.260505.
R. Firmansyah, E. Utami, and E. Pramono, “Evaluation of Naive Bayes, Random Forest and Stochastic Gradient Boosting Algorithm on DDoS Attack Detection,” Int. Conf. Inf. Sci. Technol. Innov., vol. 1, no. 1, pp. 92–97, 2022, doi: 10.35842/icostec.v1i1.16.
A. Churcher et al., “An experimental analysis of attack classification using machine learning in IoT networks,” Sensors (Switzerland), vol. 21, no. 2, pp. 1–32, 2021, doi: 10.3390/s21020446.
N. N. Tuan, P. H. Hung, N. D. Nghia, N. Van Tho, T. Van Phan, and N. H. Thanh, “A DDoS attack mitigation scheme in ISP networks using machine learning based on SDN,” Electron., vol. 9, no. 3, pp. 1–19, 2020, doi: 10.3390/electronics9030413.
M. Zekri, S. El Kafhali, N. Aboutabit, and Y. Saadi, “DDoS attack detection using machine learning techniques in cloud computing environments,” Proc. 2017 Int. Conf. Cloud Comput. Technol. Appl. CloudTech 2017, vol. 2018-Janua, no. October, pp. 1–7, 2017, doi: 10.1109/CloudTech.2017.8284731.
N. Meti, D. G. Narayan, and V. P. Baligar, “Detection of distributed denial of service attacks using machine learning algorithms in software defined networks,” in 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), Sep. 2017, vol. 15, no. 3, pp. 1366–1371. doi: 10.1109/ICACCI.2017.8126031.
K. S. Sahoo et al., “An Evolutionary SVM Model for DDOS Attack Detection in Software Defined Networks,” IEEE Access, vol. 8, pp. 132502–132513, 2020, doi: 10.1109/ACCESS.2020.3009733.
P. Wang, K.-M. Chao, H.-C. Lin, W.-H. Lin, and C.-C. Lo, “An Efficient Flow Control Approach for SDN-Based Network Threat Detection and Migration Using Support Vector Machine,” in 2016 IEEE 13th International Conference on e-Business Engineering (ICEBE), Nov. 2016, pp. 56–63. doi: 10.1109/ICEBE.2016.020.
T. E. Ali, Y. W. Chong, and S. Manickam, “Comparison of ML/DL Approaches for Detecting DDoS Attacks in SDN,” Appl. Sci., vol. 13, no. 5, 2023, doi: 10.3390/app13053033.
C. I. for Cybersecurity, “CICDDoS2019 Dataset.” 2019.
P. with Code, “CICDDoS2019 Dataset for DDoS Detection.”
U. of New Brunswick, “Analysis of DDoS Traffic and Attacks in the CICDDoS2019 Dataset.” 2019.
T. Khempetch and P. Wuttidittachotti, “Ddos attack detection using deep learning,” IAES Int. J. Artif. Intell., vol. 10, no. 2, pp. 382–388, 2021, doi: 10.11591/ijai.v10.i2.pp382-388.
S. Ramírez-Gallego, B. Krawczyk, S. García, M. Woźniak, and F. Herrera, “A survey on data preprocessing for data stream mining: Current status and future directions,” Neurocomputing, vol. 239, pp. 39–57, May 2017, doi: 10.1016/j.neucom.2017.01.078.
M. Riyadh, B. J. Ali, and D. R. Alshibani, “IDS-MIU: an Intrusion Detection System Based on Machine Learning Techniques for Mixed Type, Incomplete, and Uncertain Data Set,” Int. J. Intell. Eng. Syst., vol. 14, no. 3, pp. 493–502, 2021, doi: 10.22266/ijies2021.0630.41.
S. M. Kasongo and Y. Sun, “Performance Analysis of Intrusion Detection Systems Using a Feature Selection Method on the UNSW-NB15 Dataset,” J. Big Data, vol. 7, no. 1, pp. 1–20, 2020, doi: 10.1186/s40537-020-00379-6.
Copyright (c) 2025 Laura Sari, Muhammad Nur Faiz, Arif Wirawan Muhammad
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
