Ensemble-based Multi-Filter Feature Selection Method for DDoS Detection in Cloud Computing
This work addresses DDoS attacks in cloud computing, which threaten availability for providers and users, but it is incremental as it builds on existing feature selection methods.
The authors tackled DDoS detection in cloud computing by proposing an ensemble-based multi-filter feature selection method, which reduced features from 41 to 13 and achieved high detection rates and classification accuracy compared to other techniques.
Increasing interest in the adoption of cloud computing has exposed it to cyber-attacks. One of such is distributed denial of service (DDoS) attack that targets cloud bandwidth, services and resources to make it unavailable to both the cloud providers and users. Due to the magnitude of traffic that needs to be processed, data mining and machine learning classification algorithms have been proposed to classify normal packets from an anomaly. Feature selection has also been identified as a pre-processing phase in cloud DDoS attack defence that can potentially increase classification accuracy and reduce computational complexity by identifying important features from the original dataset, during supervised learning. In this work, we propose an ensemble-based multi-filter feature selection method that combines the output of four filter methods to achieve an optimum selection. An extensive experimental evaluation of our proposed method was performed using intrusion detection benchmark dataset, NSL-KDD and decision tree classifier. The result obtained shows that our proposed method effectively reduced the number of features from 41 to 13 and has a high detection rate and classification accuracy when compared to other classification techniques.