JTIM : Jurnal Teknologi Informasi dan Multimedia
Vol. 7 No. 1 (2025): February

Comparison of Support Vector Machine, Random Forest Classifier, and K-Nearest Neighbour for Anomaly Detection in DDoS Networks

Haeruddin, Haeruddin (Unknown)
Erick, Erick (Unknown)
Aripradono, Heru Wijayanto (Unknown)



Article Info

Publish Date
02 Jan 2025

Abstract

A Distributed Denial of Service (DDoS) attack poses a serious threat to network security and can disrupt online services by overwhelming the target server with excessive traffic. Effective detection of DDoS attacks requires a system capable of identifying anomalies in network traffic. In this context, Machine Learning (ML) offers an effective approach for classification and anomaly detection. However, different ML algorithms have varying strengths and weaknesses when processing large and complex network data. Therefore, this study aims to evaluate the performance of three ML algorithms, Support Vector Machine (SVM), Random Forest Classifier (RFC), and K-Nearest Neighbors (KNN), in detecting DDoS anomalies. The dataset used consists of 225,745 data points with 85 attributes that describe various characteristics of network traffic, such as destination port, flow duration, packet count, and packet size. This dataset is classified into two classes, BENIGN and DDoS, representing normal traffic and DDoS attacks, respectively. Evaluation is performed using several performance metrics, including accuracy, precision, recall, MCC (Matthews Correlation Coefficient), F-Measure, ROC Area, PRC Area, True Positive Rate (TPR), and False Positive Rate (FPR). The results show that the Random Forest Classifier (RFC) delivers the best performance with an accuracy of 99.99%, precision of 99.98%, recall of 100%, and a very low FPR of 0.02%. This is followed by the Support Vector Machine (SVM) with an accuracy of 99.91%, and the K-Nearest Neighbors (KNN) with an accuracy of 99.98%. All three algorithms demonstrate strong performance in detecting DDoS anomalies, with RFC slightly outperforming the others in terms of consistency and higher classification capability. The findings of this study provide valuable insights for selecting the best algorithm to detect DDoS attacks in networks.

Copyrights © 2025






Journal Info

Abbrev

jtim

Publisher

Subject

Computer Science & IT

Description

The scope of JTIM covers Database Systems, Data Mining/Web Mining, Data Warehouse, Artificial Intelligence, Business Intelligence, Cloud & Grid Computing, Decision Support System, Human Computer & Interaction, Mobile Computing & Application, E-System, Machine Learning, Deep Learning, ...