Support Vector Machine Classification Algorithm for Detecting DDoS Attacks on Network Traffic

Authors

  • Yoki Irawan Universitas Amikom Yogyakarta
  • Rina Pramitasari Universitas Amikom Yogyakarta
  • Wahid Miftahul Ashari Universitas Amikom Yogyakarta
  • Aiko Nur Hendry Yansyah Universitas Amikom Yogyakarta

DOI:

https://doi.org/10.30871/jaic.v9i4.10003

Keywords:

DDoS, Support Vector Machine (SVM), Attack Detection, CICIDS2017, Network Traffic

Abstract

Distributed Denial of Service (DDoS) attacks represent a significant danger in network security because they can lead to extensive service interruptions. With these attacks increasingly mirroring regular traffic, smart and effective detection systems are essential. This research seeks to assess the efficacy of the Support Vector Machine (SVM) classification algorithm in identifying DDoS attacks in network traffic. The data utilized is CICIDS2017, focusing on the subset Friday-WorkingHours-Afternoon-DDos.pcap_ISCX.csv, which contains both legitimate traffic and DDoS attacks like DoS-Hulk, DoS-GoldenEye, and DDoS. The preprocessing stage included eliminating duplicates and null entries, label binary encoding, normalization through Min-Max Scaler, and feature selection applying the Chi-Square technique. The data was divided into 80% for training and 20% for testing purposes. The Radial Basis Function (RBF) kernel was utilized to train the SVM model, and hyperparameter optimization was performed with GridSearchCV. The evaluation of the model's performance was conducted through accuracy, precision, recall, F1-score, confusion matrix, and visual representations including ROC and Precision-Recall Curves. The findings indicate that prior to tuning, the model reached an accuracy of 97%, which increased to 99% post-tuning, accompanied by an F1-score of 0.99. This shows that the SVM algorithm, when paired with appropriate preprocessing and optimization, is very efficient in identifying DDoS attacks within network traffic.

Downloads

Download data is not yet available.

References

[1] D. Mustafa Abdullah and A. Mohsin Abdulazeez, “Machine Learning Applications based on SVM Classification A Review,” Qubahan Acad. J., vol. 1, no. 2, pp. 81–90, Apr. 2021, doi: 10.48161/qaj.v1n2a50.

[2] I. Sharafaldin, A. Habibi Lashkari, and A. A. Ghorbani, “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization:,” in Proceedings of the 4th International Conference on Information Systems Security and Privacy, Funchal, Madeira, Portugal: SCITEPRESS - Science and Technology Publications, 2018, pp. 108–116. doi: 10.5220/0006639801080116.

[3] V. Kathiresan, V. Yendapalli, J. Bhuvana, and E. Daniel, “Machine Learning-Based DDoS Attack Detection Using Support Vector Machine,” in Artificial Intelligence and Cyber Security in Industry 4.0, V. Sarveshwaran, J. I.-Z. Chen, and D. Pelusi, Eds., in Advanced Technologies and Societal Change. , Singapore: Springer Nature Singapore, 2023, pp. 329–341. doi: 10.1007/978-981-99-2115-7_15.

[4] B. Goparaju and D. B. S. Rao, “A DDoS Attack Detection using PCA Dimensionality Reduction and Support Vector Machine”.

[5] A. Maslan, K. M. B. Mohamad, A. Hamid, H. Pangaribuan, and S. Sitohang, “Feature Selection to Enhance DDoS Detection Using Hybrid N-Gram Heuristic Techniques,” JOIV Int. J. Inform. Vis., vol. 7, no. 3, pp. 815–822, Sep. 2023, doi: 10.30630/joiv.7.3.1533.

[6] S. Abiramasundari and V. Ramaswamy, “Distributed denial-of-service (DDOS) attack detection using supervised machine learning algorithms,” Sci. Rep., vol. 15, no. 1, p. 13098, Apr. 2025, doi: 10.1038/s41598-024-84879-y.

[7] M. S. Raza, M. N. A. Sheikh, I.-S. Hwang, and M. S. Ab-Rahman, “Feature-Selection-Based DDoS Attack Detection Using AI Algorithms,” Telecom, vol. 5, no. 2, pp. 333–346, Apr. 2024, doi: 10.3390/telecom5020017.

[8] S. Mohammed Fayadh, “Hybrid Machine Learning Model for Feature Selection in DDoS Attack Detection in Cloud Environments Using Convolutional Neural Networks and Genetic Algorithms,” Wasit J. Pure Sci., vol. 4, no. 1, pp. 94–103, Mar. 2025, doi: 10.31185/wjps.616.

[9] H. Patel, “Feature Selection via GANs (GANFS): Enhancing Machine Learning Models for DDoS Mitigation,” Apr. 21, 2025, arXiv: arXiv:2504.18566. doi: 10.48550/arXiv.2504.18566.

[10] A. Sanmorino, R. Gustriansyah, and J. Alie, “DDoS Attacks Detection Method Using Feature Importance and Support Vector Machine,” JUITA J. Inform., vol. 10, no. 2, p. 167, Nov. 2022, doi: 10.30595/juita.v10i2.14939.

[11] A. Hamarshe, H. I. Ashqar, and M. Hamarsheh, “Detec%on of DDoS A,acks in So1ware Defined Networking Using Machine Learning Models”.

[12] D. K. Suvra, “An Efficient Real Time DDoS Detection Model Using Machine Learning Algorithms,” Jan. 24, 2025, arXiv: arXiv:2501.14311. doi: 10.48550/arXiv.2501.14311.

[13] P. B. Yakubu, E. Owusu, L. Santana, M. Rahouti, A. Chehri, and K. Xiong, “Exploring Feature Importance and Explainability Towards Enhanced ML-Based DoS Detection in AI Systems,” Nov. 04, 2024, arXiv: arXiv:2411.03355. doi: 10.48550/arXiv.2411.03355.

[14] M. B. Anggara, “Perbandingan Naïve Bayes Dan Svm Dalam Analisis Sentimen Ulasan Aplikasi Rsud Al Ihsan Mobile,” vol. 20, 2025.

[15] Q. H. Nguyen et al., “Influence of Data Splitting on Performance of Machine Learning Models in Prediction of Shear Strength of Soil,” Math. Probl. Eng., vol. 2021, pp. 1–15, Feb. 2021, doi: 10.1155/2021/4832864.

[16] B. J. Erickson and F. Kitamura, “Magician’s Corner: 9. Performance Metrics for Machine Learning Models,” Radiol. Artif. Intell., vol. 3, no. 3, p. e200126, May 2021, doi: 10.1148/ryai.2021200126.

[17] A. M. Carrington et al., “Deep ROC Analysis and AUC as Balanced Average Accuracy to Improve Model Selection, Understanding and Interpretation,” IEEE Trans. Pattern Anal. Mach. Intell., vol. 45, no. 1, pp. 329–341, Jan. 2023, doi: 10.1109/TPAMI.2022.3145392.

Downloads

Published

2025-08-09

How to Cite

[1]
Y. Irawan, R. Pramitasari, W. M. Ashari, and A. N. H. Yansyah, “Support Vector Machine Classification Algorithm for Detecting DDoS Attacks on Network Traffic”, JAIC, vol. 9, no. 4, pp. 1945–1954, Aug. 2025.

Issue

Vol. 9 No. 4 (2025): August 2025

Section

Articles

License

Copyright (c) 2025 Yoki Irawan, Rina Pramitasari, Wahid Miftahul Ashari, Aiko Nur Hendry Yansyah

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Authors who publish with this journal agree to the following terms:

  • Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) ) that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
  • Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  • Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).

Similar Articles

1 2 3 4 5 > >> 

You may also start an advanced similarity search for this article.