Detecting DDoS Attacks in Network Traffic Based on Supervised Machine Learning Techniques Article Swipe
Mahmood Alfathe
,
Aida Mustapha
,
Huthaifa L. Mohamed
,
Salama A. Mostafa
,
Yousif Khalid Yousif
,
Ali H. Al-Shakarchi
·
YOU?
·
· 2024
· Open Access
·
· DOI: https://doi.org/10.69513/jnfit.v1.i0.a2
YOU?
·
· 2024
· Open Access
·
· DOI: https://doi.org/10.69513/jnfit.v1.i0.a2
One of the major concerns in network security that pose a big challenge to safeguarding networks is distributed denial-of-service (DDoS) attacks. Such attacks often lead to breaches of trust in online systems, cause significant losses in financial markets, and deny services to legitimate users. This study aims to propose a robust method for detecting DDOS attacks accurately. To accomplish this goal, the study investigated several machine learning algorithms in detecting such attacks utilizing the CIC-DDOS-2019 dataset, a well-known benchmark dataset characterized by its comprehensive coverage of DDOS attacks. Five machine learning algorithms have been evaluated: Random Forest (RF), Naive Bayes (NB), Logistic Regression (LR), J48 Decision Tree, and XGBoost based on their performance in detecting and discriminating between DDoS attacks and benign records. The results show high detection capability, with accuracy rates above 99% for all models except for NB. The RF, LR, J48, and XGBoost algorithms can recognize intricate DDoS assault patterns. In addition to comparing several machine learning methods for DDoS detection, this study provides insight into how these models can be helpful in real-world scenarios for improving network security.
Related Topics
Concepts
Denial-of-service attack
Computer science
Artificial intelligence
Machine learning
Application layer DDoS attack
Computer network
Operating system
The Internet
Metadata
- Type
- article
- Language
- en
- Landing Page
- https://doi.org/10.69513/jnfit.v1.i0.a2
- https://jnfh.alnoor.edu.iq/ITSC/article/download/294/IT0
- OA Status
- hybrid
- Cited By
- 1
- References
- 17
- Related Works
- 10
- OpenAlex ID
- https://openalex.org/W4405645271
All OpenAlex metadata
Raw OpenAlex JSON
- OpenAlex ID
-
https://openalex.org/W4405645271Canonical identifier for this work in OpenAlex
- DOI
-
https://doi.org/10.69513/jnfit.v1.i0.a2Digital Object Identifier
- Title
-
Detecting DDoS Attacks in Network Traffic Based on Supervised Machine Learning TechniquesWork title
- Type
-
articleOpenAlex work type
- Language
-
enPrimary language
- Publication year
-
2024Year of publication
- Publication date
-
2024-12-20Full publication date if available
- Authors
-
Mahmood Alfathe, Aida Mustapha, Huthaifa L. Mohamed, Salama A. Mostafa, Yousif Khalid Yousif, Ali H. Al-ShakarchiList of authors in order
- Landing page
-
https://doi.org/10.69513/jnfit.v1.i0.a2Publisher landing page
- PDF URL
-
https://jnfh.alnoor.edu.iq/ITSC/article/download/294/IT0Direct link to full text PDF
- Open access
-
YesWhether a free full text is available
- OA status
-
hybridOpen access status per OpenAlex
- OA URL
-
https://jnfh.alnoor.edu.iq/ITSC/article/download/294/IT0Direct OA link when available
- Concepts
-
Denial-of-service attack, Computer science, Artificial intelligence, Machine learning, Application layer DDoS attack, Computer network, Operating system, The InternetTop concepts (fields/topics) attached by OpenAlex
- Cited by
-
1Total citation count in OpenAlex
- Citations by year (recent)
-
2025: 1Per-year citation counts (last 5 years)
- References (count)
-
17Number of works referenced by this work
- Related works (count)
-
10Other works algorithmically related by OpenAlex
Full payload
| id | https://openalex.org/W4405645271 |
|---|---|
| doi | https://doi.org/10.69513/jnfit.v1.i0.a2 |
| ids.doi | https://doi.org/10.69513/jnfit.v1.i0.a2 |
| ids.openalex | https://openalex.org/W4405645271 |
| fwci | 0.8368661 |
| type | article |
| title | Detecting DDoS Attacks in Network Traffic Based on Supervised Machine Learning Techniques |
| biblio.issue | |
| biblio.volume | 1 |
| biblio.last_page | |
| biblio.first_page | |
| topics[0].id | https://openalex.org/T10400 |
| topics[0].field.id | https://openalex.org/fields/17 |
| topics[0].field.display_name | Computer Science |
| topics[0].score | 0.9940000176429749 |
| topics[0].domain.id | https://openalex.org/domains/3 |
| topics[0].domain.display_name | Physical Sciences |
| topics[0].subfield.id | https://openalex.org/subfields/1705 |
| topics[0].subfield.display_name | Computer Networks and Communications |
| topics[0].display_name | Network Security and Intrusion Detection |
| topics[1].id | https://openalex.org/T11598 |
| topics[1].field.id | https://openalex.org/fields/17 |
| topics[1].field.display_name | Computer Science |
| topics[1].score | 0.9545999765396118 |
| topics[1].domain.id | https://openalex.org/domains/3 |
| topics[1].domain.display_name | Physical Sciences |
| topics[1].subfield.id | https://openalex.org/subfields/1702 |
| topics[1].subfield.display_name | Artificial Intelligence |
| topics[1].display_name | Internet Traffic Analysis and Secure E-voting |
| is_xpac | False |
| apc_list | |
| apc_paid | |
| concepts[0].id | https://openalex.org/C38822068 |
| concepts[0].level | 3 |
| concepts[0].score | 0.8221421241760254 |
| concepts[0].wikidata | https://www.wikidata.org/wiki/Q131406 |
| concepts[0].display_name | Denial-of-service attack |
| concepts[1].id | https://openalex.org/C41008148 |
| concepts[1].level | 0 |
| concepts[1].score | 0.7037312388420105 |
| concepts[1].wikidata | https://www.wikidata.org/wiki/Q21198 |
| concepts[1].display_name | Computer science |
| concepts[2].id | https://openalex.org/C154945302 |
| concepts[2].level | 1 |
| concepts[2].score | 0.5249338746070862 |
| concepts[2].wikidata | https://www.wikidata.org/wiki/Q11660 |
| concepts[2].display_name | Artificial intelligence |
| concepts[3].id | https://openalex.org/C119857082 |
| concepts[3].level | 1 |
| concepts[3].score | 0.461515873670578 |
| concepts[3].wikidata | https://www.wikidata.org/wiki/Q2539 |
| concepts[3].display_name | Machine learning |
| concepts[4].id | https://openalex.org/C120865594 |
| concepts[4].level | 4 |
| concepts[4].score | 0.4155108630657196 |
| concepts[4].wikidata | https://www.wikidata.org/wiki/Q131406 |
| concepts[4].display_name | Application layer DDoS attack |
| concepts[5].id | https://openalex.org/C31258907 |
| concepts[5].level | 1 |
| concepts[5].score | 0.35149604082107544 |
| concepts[5].wikidata | https://www.wikidata.org/wiki/Q1301371 |
| concepts[5].display_name | Computer network |
| concepts[6].id | https://openalex.org/C111919701 |
| concepts[6].level | 1 |
| concepts[6].score | 0.16998019814491272 |
| concepts[6].wikidata | https://www.wikidata.org/wiki/Q9135 |
| concepts[6].display_name | Operating system |
| concepts[7].id | https://openalex.org/C110875604 |
| concepts[7].level | 2 |
| concepts[7].score | 0.10085973143577576 |
| concepts[7].wikidata | https://www.wikidata.org/wiki/Q75 |
| concepts[7].display_name | The Internet |
| keywords[0].id | https://openalex.org/keywords/denial-of-service-attack |
| keywords[0].score | 0.8221421241760254 |
| keywords[0].display_name | Denial-of-service attack |
| keywords[1].id | https://openalex.org/keywords/computer-science |
| keywords[1].score | 0.7037312388420105 |
| keywords[1].display_name | Computer science |
| keywords[2].id | https://openalex.org/keywords/artificial-intelligence |
| keywords[2].score | 0.5249338746070862 |
| keywords[2].display_name | Artificial intelligence |
| keywords[3].id | https://openalex.org/keywords/machine-learning |
| keywords[3].score | 0.461515873670578 |
| keywords[3].display_name | Machine learning |
| keywords[4].id | https://openalex.org/keywords/application-layer-ddos-attack |
| keywords[4].score | 0.4155108630657196 |
| keywords[4].display_name | Application layer DDoS attack |
| keywords[5].id | https://openalex.org/keywords/computer-network |
| keywords[5].score | 0.35149604082107544 |
| keywords[5].display_name | Computer network |
| keywords[6].id | https://openalex.org/keywords/operating-system |
| keywords[6].score | 0.16998019814491272 |
| keywords[6].display_name | Operating system |
| keywords[7].id | https://openalex.org/keywords/the-internet |
| keywords[7].score | 0.10085973143577576 |
| keywords[7].display_name | The Internet |
| language | en |
| locations[0].id | doi:10.69513/jnfit.v1.i0.a2 |
| locations[0].is_oa | True |
| locations[0].source.id | https://openalex.org/S5407049197 |
| locations[0].source.issn | 3078-5367, 3078-9990 |
| locations[0].source.type | journal |
| locations[0].source.is_oa | False |
| locations[0].source.issn_l | 3078-5367 |
| locations[0].source.is_core | False |
| locations[0].source.is_in_doaj | False |
| locations[0].source.display_name | Al-Noor Journal for Information Technology and Cybersecurity |
| locations[0].source.host_organization | |
| locations[0].source.host_organization_name | |
| locations[0].license | cc-by-nc |
| locations[0].pdf_url | https://jnfh.alnoor.edu.iq/ITSC/article/download/294/IT0 |
| locations[0].version | publishedVersion |
| locations[0].raw_type | journal-article |
| locations[0].license_id | https://openalex.org/licenses/cc-by-nc |
| locations[0].is_accepted | True |
| locations[0].is_published | True |
| locations[0].raw_source_name | Al-Noor Journal for Information Technology and Cybersecurity |
| locations[0].landing_page_url | https://doi.org/10.69513/jnfit.v1.i0.a2 |
| indexed_in | crossref |
| authorships[0].author.id | https://openalex.org/A5032353197 |
| authorships[0].author.orcid | |
| authorships[0].author.display_name | Mahmood Alfathe |
| authorships[0].affiliations[0].raw_affiliation_string | Ninevah university |
| authorships[0].author_position | first |
| authorships[0].raw_author_name | Mahmood Alfathe |
| authorships[0].is_corresponding | False |
| authorships[0].raw_affiliation_strings | Ninevah university |
| authorships[1].author.id | https://openalex.org/A5032045434 |
| authorships[1].author.orcid | https://orcid.org/0000-0002-9077-4995 |
| authorships[1].author.display_name | Aida Mustapha |
| authorships[1].author_position | middle |
| authorships[1].raw_author_name | None Aida Mustapha |
| authorships[1].is_corresponding | False |
| authorships[2].author.id | https://openalex.org/A5040717487 |
| authorships[2].author.orcid | |
| authorships[2].author.display_name | Huthaifa L. Mohamed |
| authorships[2].author_position | middle |
| authorships[2].raw_author_name | None Huthaifa L. Mohamed |
| authorships[2].is_corresponding | False |
| authorships[3].author.id | https://openalex.org/A5016511172 |
| authorships[3].author.orcid | https://orcid.org/0000-0001-5348-502X |
| authorships[3].author.display_name | Salama A. Mostafa |
| authorships[3].author_position | middle |
| authorships[3].raw_author_name | None Salama A Mostafa |
| authorships[3].is_corresponding | False |
| authorships[4].author.id | https://openalex.org/A5080258325 |
| authorships[4].author.orcid | https://orcid.org/0009-0005-7119-1195 |
| authorships[4].author.display_name | Yousif Khalid Yousif |
| authorships[4].author_position | middle |
| authorships[4].raw_author_name | None Yousif Khalid Yousif |
| authorships[4].is_corresponding | False |
| authorships[5].author.id | https://openalex.org/A5023166764 |
| authorships[5].author.orcid | |
| authorships[5].author.display_name | Ali H. Al-Shakarchi |
| authorships[5].author_position | last |
| authorships[5].raw_author_name | None Ali H. Al-Shakarchi |
| authorships[5].is_corresponding | False |
| has_content.pdf | True |
| has_content.grobid_xml | True |
| is_paratext | False |
| open_access.is_oa | True |
| open_access.oa_url | https://jnfh.alnoor.edu.iq/ITSC/article/download/294/IT0 |
| open_access.oa_status | hybrid |
| open_access.any_repository_has_fulltext | False |
| created_date | 2025-10-10T00:00:00 |
| display_name | Detecting DDoS Attacks in Network Traffic Based on Supervised Machine Learning Techniques |
| has_fulltext | True |
| is_retracted | False |
| updated_date | 2025-11-06T03:46:38.306776 |
| primary_topic.id | https://openalex.org/T10400 |
| primary_topic.field.id | https://openalex.org/fields/17 |
| primary_topic.field.display_name | Computer Science |
| primary_topic.score | 0.9940000176429749 |
| primary_topic.domain.id | https://openalex.org/domains/3 |
| primary_topic.domain.display_name | Physical Sciences |
| primary_topic.subfield.id | https://openalex.org/subfields/1705 |
| primary_topic.subfield.display_name | Computer Networks and Communications |
| primary_topic.display_name | Network Security and Intrusion Detection |
| related_works | https://openalex.org/W2360429410, https://openalex.org/W2898696280, https://openalex.org/W2204131204, https://openalex.org/W2383770723, https://openalex.org/W2921433547, https://openalex.org/W2958385475, https://openalex.org/W2783466926, https://openalex.org/W4286539397, https://openalex.org/W2370216173, https://openalex.org/W2754163055 |
| cited_by_count | 1 |
| counts_by_year[0].year | 2025 |
| counts_by_year[0].cited_by_count | 1 |
| locations_count | 1 |
| best_oa_location.id | doi:10.69513/jnfit.v1.i0.a2 |
| best_oa_location.is_oa | True |
| best_oa_location.source.id | https://openalex.org/S5407049197 |
| best_oa_location.source.issn | 3078-5367, 3078-9990 |
| best_oa_location.source.type | journal |
| best_oa_location.source.is_oa | False |
| best_oa_location.source.issn_l | 3078-5367 |
| best_oa_location.source.is_core | False |
| best_oa_location.source.is_in_doaj | False |
| best_oa_location.source.display_name | Al-Noor Journal for Information Technology and Cybersecurity |
| best_oa_location.source.host_organization | |
| best_oa_location.source.host_organization_name | |
| best_oa_location.license | cc-by-nc |
| best_oa_location.pdf_url | https://jnfh.alnoor.edu.iq/ITSC/article/download/294/IT0 |
| best_oa_location.version | publishedVersion |
| best_oa_location.raw_type | journal-article |
| best_oa_location.license_id | https://openalex.org/licenses/cc-by-nc |
| best_oa_location.is_accepted | True |
| best_oa_location.is_published | True |
| best_oa_location.raw_source_name | Al-Noor Journal for Information Technology and Cybersecurity |
| best_oa_location.landing_page_url | https://doi.org/10.69513/jnfit.v1.i0.a2 |
| primary_location.id | doi:10.69513/jnfit.v1.i0.a2 |
| primary_location.is_oa | True |
| primary_location.source.id | https://openalex.org/S5407049197 |
| primary_location.source.issn | 3078-5367, 3078-9990 |
| primary_location.source.type | journal |
| primary_location.source.is_oa | False |
| primary_location.source.issn_l | 3078-5367 |
| primary_location.source.is_core | False |
| primary_location.source.is_in_doaj | False |
| primary_location.source.display_name | Al-Noor Journal for Information Technology and Cybersecurity |
| primary_location.source.host_organization | |
| primary_location.source.host_organization_name | |
| primary_location.license | cc-by-nc |
| primary_location.pdf_url | https://jnfh.alnoor.edu.iq/ITSC/article/download/294/IT0 |
| primary_location.version | publishedVersion |
| primary_location.raw_type | journal-article |
| primary_location.license_id | https://openalex.org/licenses/cc-by-nc |
| primary_location.is_accepted | True |
| primary_location.is_published | True |
| primary_location.raw_source_name | Al-Noor Journal for Information Technology and Cybersecurity |
| primary_location.landing_page_url | https://doi.org/10.69513/jnfit.v1.i0.a2 |
| publication_date | 2024-12-20 |
| publication_year | 2024 |
| referenced_works | https://openalex.org/W4210779665, https://openalex.org/W2104692292, https://openalex.org/W6740998496, https://openalex.org/W2597472767, https://openalex.org/W3120086307, https://openalex.org/W3042433202, https://openalex.org/W4296010380, https://openalex.org/W4389914878, https://openalex.org/W4393856083, https://openalex.org/W3167176168, https://openalex.org/W4391068874, https://openalex.org/W2982682021, https://openalex.org/W4386071432, https://openalex.org/W3130255873, https://openalex.org/W6856296452, https://openalex.org/W3016662809, https://openalex.org/W2808779485 |
| referenced_works_count | 17 |
| abstract_inverted_index.a | 10, 49, 76 |
| abstract_inverted_index.In | 153 |
| abstract_inverted_index.To | 57 |
| abstract_inverted_index.be | 173 |
| abstract_inverted_index.by | 81 |
| abstract_inverted_index.in | 5, 29, 35, 68, 113, 175 |
| abstract_inverted_index.is | 16 |
| abstract_inverted_index.of | 1, 27, 85 |
| abstract_inverted_index.on | 110 |
| abstract_inverted_index.to | 13, 25, 41, 47, 155 |
| abstract_inverted_index.99% | 133 |
| abstract_inverted_index.J48 | 104 |
| abstract_inverted_index.LR, | 142 |
| abstract_inverted_index.NB. | 139 |
| abstract_inverted_index.One | 0 |
| abstract_inverted_index.RF, | 141 |
| abstract_inverted_index.The | 123, 140 |
| abstract_inverted_index.all | 135 |
| abstract_inverted_index.and | 38, 107, 115, 120, 144 |
| abstract_inverted_index.big | 11 |
| abstract_inverted_index.can | 147, 172 |
| abstract_inverted_index.for | 52, 134, 138, 161, 178 |
| abstract_inverted_index.how | 169 |
| abstract_inverted_index.its | 82 |
| abstract_inverted_index.the | 2, 61, 73 |
| abstract_inverted_index.DDOS | 54, 86 |
| abstract_inverted_index.DDoS | 118, 150, 162 |
| abstract_inverted_index.Five | 88 |
| abstract_inverted_index.J48, | 143 |
| abstract_inverted_index.Such | 21 |
| abstract_inverted_index.This | 44 |
| abstract_inverted_index.aims | 46 |
| abstract_inverted_index.been | 93 |
| abstract_inverted_index.deny | 39 |
| abstract_inverted_index.have | 92 |
| abstract_inverted_index.high | 126 |
| abstract_inverted_index.into | 168 |
| abstract_inverted_index.lead | 24 |
| abstract_inverted_index.pose | 9 |
| abstract_inverted_index.show | 125 |
| abstract_inverted_index.such | 70 |
| abstract_inverted_index.that | 8 |
| abstract_inverted_index.this | 59, 164 |
| abstract_inverted_index.with | 129 |
| abstract_inverted_index.(LR), | 103 |
| abstract_inverted_index.(NB), | 100 |
| abstract_inverted_index.(RF), | 97 |
| abstract_inverted_index.Bayes | 99 |
| abstract_inverted_index.Naive | 98 |
| abstract_inverted_index.Tree, | 106 |
| abstract_inverted_index.above | 132 |
| abstract_inverted_index.based | 109 |
| abstract_inverted_index.cause | 32 |
| abstract_inverted_index.goal, | 60 |
| abstract_inverted_index.major | 3 |
| abstract_inverted_index.often | 23 |
| abstract_inverted_index.rates | 131 |
| abstract_inverted_index.study | 45, 62, 165 |
| abstract_inverted_index.their | 111 |
| abstract_inverted_index.these | 170 |
| abstract_inverted_index.trust | 28 |
| abstract_inverted_index.(DDoS) | 19 |
| abstract_inverted_index.Forest | 96 |
| abstract_inverted_index.Random | 95 |
| abstract_inverted_index.benign | 121 |
| abstract_inverted_index.except | 137 |
| abstract_inverted_index.losses | 34 |
| abstract_inverted_index.method | 51 |
| abstract_inverted_index.models | 136, 171 |
| abstract_inverted_index.online | 30 |
| abstract_inverted_index.robust | 50 |
| abstract_inverted_index.users. | 43 |
| abstract_inverted_index.XGBoost | 108, 145 |
| abstract_inverted_index.assault | 151 |
| abstract_inverted_index.attacks | 22, 55, 71, 119 |
| abstract_inverted_index.between | 117 |
| abstract_inverted_index.dataset | 79 |
| abstract_inverted_index.helpful | 174 |
| abstract_inverted_index.insight | 167 |
| abstract_inverted_index.machine | 65, 89, 158 |
| abstract_inverted_index.methods | 160 |
| abstract_inverted_index.network | 6, 180 |
| abstract_inverted_index.propose | 48 |
| abstract_inverted_index.results | 124 |
| abstract_inverted_index.several | 64, 157 |
| abstract_inverted_index.Decision | 105 |
| abstract_inverted_index.Logistic | 101 |
| abstract_inverted_index.accuracy | 130 |
| abstract_inverted_index.addition | 154 |
| abstract_inverted_index.attacks. | 20, 87 |
| abstract_inverted_index.breaches | 26 |
| abstract_inverted_index.concerns | 4 |
| abstract_inverted_index.coverage | 84 |
| abstract_inverted_index.dataset, | 75 |
| abstract_inverted_index.learning | 66, 90, 159 |
| abstract_inverted_index.markets, | 37 |
| abstract_inverted_index.networks | 15 |
| abstract_inverted_index.provides | 166 |
| abstract_inverted_index.records. | 122 |
| abstract_inverted_index.security | 7 |
| abstract_inverted_index.services | 40 |
| abstract_inverted_index.systems, | 31 |
| abstract_inverted_index.benchmark | 78 |
| abstract_inverted_index.challenge | 12 |
| abstract_inverted_index.comparing | 156 |
| abstract_inverted_index.detecting | 53, 69, 114 |
| abstract_inverted_index.detection | 127 |
| abstract_inverted_index.financial | 36 |
| abstract_inverted_index.improving | 179 |
| abstract_inverted_index.intricate | 149 |
| abstract_inverted_index.patterns. | 152 |
| abstract_inverted_index.recognize | 148 |
| abstract_inverted_index.scenarios | 177 |
| abstract_inverted_index.security. | 181 |
| abstract_inverted_index.utilizing | 72 |
| abstract_inverted_index.Regression | 102 |
| abstract_inverted_index.accomplish | 58 |
| abstract_inverted_index.algorithms | 67, 91, 146 |
| abstract_inverted_index.detection, | 163 |
| abstract_inverted_index.evaluated: | 94 |
| abstract_inverted_index.legitimate | 42 |
| abstract_inverted_index.real-world | 176 |
| abstract_inverted_index.well-known | 77 |
| abstract_inverted_index.accurately. | 56 |
| abstract_inverted_index.capability, | 128 |
| abstract_inverted_index.distributed | 17 |
| abstract_inverted_index.performance | 112 |
| abstract_inverted_index.significant | 33 |
| abstract_inverted_index.investigated | 63 |
| abstract_inverted_index.safeguarding | 14 |
| abstract_inverted_index.CIC-DDOS-2019 | 74 |
| abstract_inverted_index.characterized | 80 |
| abstract_inverted_index.comprehensive | 83 |
| abstract_inverted_index.discriminating | 116 |
| abstract_inverted_index.denial-of-service | 18 |
| cited_by_percentile_year.max | 95 |
| cited_by_percentile_year.min | 91 |
| countries_distinct_count | 0 |
| institutions_distinct_count | 6 |
| sustainable_development_goals[0].id | https://metadata.un.org/sdg/16 |
| sustainable_development_goals[0].score | 0.49000000953674316 |
| sustainable_development_goals[0].display_name | Peace, Justice and strong institutions |
| sustainable_development_goals[1].id | https://metadata.un.org/sdg/10 |
| sustainable_development_goals[1].score | 0.47999998927116394 |
| sustainable_development_goals[1].display_name | Reduced inequalities |
| citation_normalized_percentile.value | 0.70431116 |
| citation_normalized_percentile.is_in_top_1_percent | False |
| citation_normalized_percentile.is_in_top_10_percent | False |