REGULARIZED FEATURE SELECTION FOR IMPROVED DDOS ATTACK DETECTION A RECURSIVE VARIABLE ELIMINATION APPROACH USING LEAST ABSOLUTE SHRINKAGE AND SELECTION

Abstract

The complexity and variety of Distributed Denial of Service (DDOS) attacks make it very difficult to detect them in data collected from network traffic. Although machine learning algorithms have shown some success in this area, data that contains traits that are either strongly linked or irrelevant might limit their efficacy. This study presents a new method for regularised feature selection that uses the LASSO-RFE methodology to improve the accuracy of DDOS attack detection, which will help to alleviate this problem. LASSO-RFE is a two-stage process that combines the best features of LASSO regularisation with RFE. At first, the high-dimensional feature space is subjected to LASSO regularisation in order to determine which characteristics are most important for DDOS attack detection. As the regression coefficients of superfluous or unimportant characteristics approach zero, LASSO removes them from the model. The remaining features chosen by LASSO are then subjected to RFE in order to improve the model's performance and narrow the feature set even more. Until the ideal subset of features is found, RFE repeatedly removes the characteristics that aren't important based on their model weights. Improving the DDOS attack detection models' resilience and interpretability, the suggested technique provides a systematic and efficient way for feature selection. When compared to more conventional machine learning methods, experimental findings show that LASSO-RFE significantly improves the accuracy of DDOS attack detection. In order to improve the efficiency and accuracy of DDOS attack detection in network traffic data, LASSO-RFE reduces the dimensionality of the feature space and efficiently filters out unnecessary characteristics.