An ensemble method for feature selection and an integrated approach for mitigation of distributed denial of service attacks

Distributed denial of service attacks (DDoS) penetrate numerous computer system and implant malicious codes thereby making them ready for launching a collaborative attack. These attacks paralyze the target system mainly the web server by exhausting their network resources of the target server. The threats posed by DDoS attacks on the Internet demands for effective detection and mitigation methods of these attacks. In the paper, we proposed an integrated method for detection and mitigation of DDoS attack using machine learning and a line of defenses respectively. The detection phase consists of feature selection through ensemble feature selection algorithm and classification using machine learning algorithm. Feature selection algorithms are important as they reduce the dimension of the dataset. The selection of an efficient classification model will improve the detection rate of the proposed system. In the mitigation phase, we introduce two lines of defense to minimize the exhaustion of the victim server's resources. Using the existing dataset, we show experimentally that it is possible to detect the presence of attacks and mitigate them to a minimum level. The proposed integrated method yields an accuracy of 97.8% in detecting the attacks and able to reduce the utilization of processors upto an average of 25.95%.