Enhancing DDoS Attacks Detection using Machine Learning Algorithms with Feature Selection based on Mutual Information

Distributed Denial of Service attacks are very frequent and dangerous since they are mainly designed for blocking or restricting services delivered by networks or computers to the users. They constitute a significant threat to internet services and can have disastrous consequences on websites, web applications or information systems availability, often leading to closures. Because of their ability to be started remotely and reflected by legitimated users on networks, it is usually impossible for victims to detect or to prevent them. Furthermore, these attacks are increasing with a dizzying speed quantitatively and qualitatively. That's why the need for powerful and efficient intrusion detection systems is of vital importance. Usually, traditional DDoS detection systems need to adapt to evolving attackers strategies and deal with imbalanced data distributions. Consequently, these challenges often lead to reduced performances of the IDSs. In the present paper, we have made a deep analysis of the CICDDoS2019 dataset and applied some Machine Learning techniques combined with feature selection based on Mutual Information whith the aim of improving DDoS attacks detection.After the pre-processing step, we have proved by experiments implementations the positive effects of feature selection with Mutual Information on DDoS attacks detection performances. We have used four (4) machine learning algorithms (Decision Tree (DT), Extra Trees (ET), Random Forest (RF) and XGBoost (XGB)) on the CICDDoS2019 for DDoS attacks detection. We dealt with the high dimensionality of the dataset by the feature selection with Mutual Information aiming to improve execution time and other detection performance criteria. Finally, we concluded by analyzing our experimental results and propose some future works.