Comparison of Support Vector Machine, Random Forest Classifier, and K-Nearest Neighbour for Anomaly Detection in DDoS Networks

  • Haeruddin Haeruddin, Information Technology Study Program, Universitas Internasional Batam
  • Erick Erick, Information Technology Study Program, Universitas Internasional Batam
  • Heru Wijayanto Aripradono, Information Technology Study Program, Universitas Internasional Batam
Keywords: Classification, DDoS, K-Nearest Neighbors, Random Forest Classifier, Support Vector Machine

Abstract

A Distributed Denial of Service (DDoS) attack poses a serious threat to network security and can disrupt online services by overwhelming the target server with excessive traffic. Effective detection of DDoS attacks requires a system capable of identifying anomalies in network traffic. In this context, Machine Learning (ML) offers an effective approach for classification and anomaly detection. However, different ML algorithms have varying strengths and weaknesses when processing large and complex network data. Therefore, this study aims to evaluate the performance of three ML algorithms, Support Vector Machine (SVM), Random Forest Classifier (RFC), and K-Nearest Neighbors (KNN), in detecting DDoS anomalies. The dataset used consists of 225,745 data points with 85 attributes that describe various characteristics of network traffic, such as destination port, flow duration, packet count, and packet size. This dataset is classified into two classes, BENIGN and DDoS, representing normal traffic and DDoS attacks, respectively. Evaluation is performed using several performance metrics, including accuracy, precision, recall, MCC (Matthews Correlation Coefficient), F-Measure, ROC Area, PRC Area, True Positive Rate (TPR), and False Positive Rate (FPR). The results show that the Random Forest Classifier (RFC) delivers the best performance with an accuracy of 99.99%, precision of 99.98%, recall of 100%, and a very low FPR of 0.02%. This is followed by the Support Vector Machine (SVM) with an accuracy of 99.91%, and the K-Nearest Neighbors (KNN) with an accuracy of 99.98%. All three algorithms demonstrate strong performance in detecting DDoS anomalies, with RFC slightly outperforming the others in terms of consistency and higher classification capability. The findings of this study provide valuable insights for selecting the best algorithm to detect DDoS attacks in networks.
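
An added example, not code from the study: a small K-Nearest Neighbors classifier over three of the flow attributes the abstract names, scored with the confusion-matrix metrics it lists (DDoS as the positive class). The flow values, the choice of k=3 and the min-max scaling are assumptions made for illustration; one benign test flow is deliberately built to resemble attack traffic so that the false positive rate and MCC differ from accuracy.

```python
import math
from collections import Counter

# Constructed flows, not taken from the study's dataset:
# (flow_duration_us, packet_count, mean_packet_size_bytes, label)
TRAIN = [
    (1_200_000, 12, 540.0, "BENIGN"), (3_500_000, 40, 820.0, "BENIGN"),
    (800_000, 8, 300.0, "BENIGN"), (2_100_000, 25, 610.0, "BENIGN"),
    (90_000, 4, 6.0, "DDoS"), (70_000, 3, 6.0, "DDoS"),
    (110_000, 5, 8.0, "DDoS"), (60_000, 4, 7.0, "DDoS"),
]
TEST = [
    (1_500_000, 15, 480.0, "BENIGN"), (2_800_000, 30, 700.0, "BENIGN"),
    (100_000, 6, 20.0, "BENIGN"),  # short benign flow that resembles the attack
    (80_000, 4, 6.0, "DDoS"), (95_000, 5, 7.0, "DDoS"), (65_000, 3, 6.0, "DDoS"),
]

def fit_minmax(rows):
    """Per-feature (min, max), learned from the training rows only."""
    return [(min(c), max(c)) for c in zip(*[r[:-1] for r in rows])]

def scale(features, bounds):
    # Min-max scale so the microsecond duration does not dominate the distance.
    return [(v - lo) / (hi - lo) if hi > lo else 0.0
            for v, (lo, hi) in zip(features, bounds)]

def knn_predict(train, bounds, features, k=3):
    x = scale(features, bounds)
    nearest = sorted(train, key=lambda r: math.dist(x, scale(r[:-1], bounds)))[:k]
    return Counter(r[-1] for r in nearest).most_common(1)[0][0]

def evaluate(y_true, y_pred, positive="DDoS"):
    """Confusion-matrix metrics with DDoS as the positive class."""
    pairs = list(zip(y_true, y_pred))
    tp = sum(t == positive and p == positive for t, p in pairs)
    fp = sum(t != positive and p == positive for t, p in pairs)
    fn = sum(t == positive and p != positive for t, p in pairs)
    tn = len(pairs) - tp - fp - fn
    denom = math.sqrt((tp + fp) * (tp + fn) * (tn + fp) * (tn + fn))
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0  # identical to TPR
    f_measure = (2 * precision * recall / (precision + recall)
                 if precision + recall else 0.0)
    return {"accuracy": (tp + tn) / len(pairs), "precision": precision,
            "recall": recall, "fpr": fp / (fp + tn) if fp + tn else 0.0,
            "f_measure": f_measure,
            "mcc": (tp * tn - fp * fn) / denom if denom else 0.0}

def run():
    bounds = fit_minmax(TRAIN)
    preds = [knn_predict(TRAIN, bounds, r[:-1]) for r in TEST]
    return preds, evaluate([r[-1] for r in TEST], preds)
```

On this constructed sample recall is 100% while one of three benign flows is flagged, which is why FPR and MCC are worth reading alongside accuracy when comparing detectors.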

Published: 2025-01-02

How to Cite

H. Haeruddin, E. Erick, and H. W. Aripradono, “Perbandingan Support Vector Machine, Random Forest Classifier, dan K-Nearest Neighbour dalam Pendeteksian Anomali pada Jaringan DDos”, jtim, vol. 7, no. 1, pp. 23-33, Jan. 2025.