Metaheuristic-Driven Feature Selection with SVM and KNN for Robust DDoS Attack Detection: A Comparative Study
Rejwan Bin Sulaiman
Ansam Khraisat
Published: 2025
Abstract
A Distributed Denial of Service (DDoS) attack occurs when an attacker attempts to disrupt the normal operation of a network, service, or website by overwhelming it with a high volume of internet traffic. The goal of detecting DDoS attacks is to identify and respond to them promptly, thereby minimizing their impact on the targeted system. Effective detection is essential for individuals, organizations, and network administrators to safeguard infrastructure, ensure service availability, and protect online systems and services. DDoS detection is widely applicable in areas such as network security, web service protection, cloud computing, and online infrastructure resilience. To address this need, we propose a framework consisting of six main steps. First, data collection involves gathering network traffic information, system activity logs, and known instances of DDoS attacks. Second, relevant features are identified from the dataset, including traffic patterns, packet sizes, IP addresses, and protocol types. In the third step, feature selection is performed using metaheuristic algorithms such as the Salp Swarm Algorithm (SSA), Gray Wolf Optimization (GWO), and Particle Swarm Optimization (PSO) to isolate the most informative features for distinguishing between normal and malicious traffic. Fourth, the dataset is divided into training and testing subsets for model development and evaluation. Fifth, classification models are built using machine learning algorithms such as Support Vector Machine (SVM) and K-Nearest Neighbors (KNN) to classify traffic patterns effectively. Finally, the performance of the models is evaluated using metrics including accuracy, precision, recall, and F1-score. The results of the proposed framework demonstrate outstanding performance, with classification accuracy reaching up to 99.9%.
In summary, detecting DDoS attacks is vital for protecting networked systems and ensuring the continuity of online services, and the use of feature selection and machine learning techniques significantly enhances detection accuracy and efficiency.
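The feature-selection, split, classify and evaluate steps of the framework can be sketched as follows; this is an added illustration, not the authors' implementation, dataset or parameters. It assumes a binary PSO with a sigmoid transfer function, a plain k-NN classifier, constructed synthetic flows in which only two of six features carry signal, and hypothetical swarm coefficients and feature penalty.

```python
import math, random

N_FEATURES, INFORMATIVE = 6, (0, 1)  # constructed data: only features 0 and 1 carry signal

def make_flows(n, rng):  # constructed flow records (feature vector, label); label 1 = attack
    return [([rng.gauss(4.0 * (i % 2), 1.0) if j in INFORMATIVE else rng.gauss(0.0, 4.0)
              for j in range(N_FEATURES)], i % 2) for i in range(n)]

def knn_accuracy(mask, train, test, k=3):
    """Accuracy of k-NN restricted to the features switched on in mask."""
    idx = [j for j, bit in enumerate(mask) if bit]
    def vote(x):  # majority label among the k nearest training flows
        near = sorted(train, key=lambda r: sum((r[0][j] - x[j]) ** 2 for j in idx))[:k]
        return 2 * sum(label for _, label in near) > k
    return sum(vote(x) == bool(y) for x, y in test) / len(test)

def fitness(mask, train, val, penalty=0.05):
    """Wrapper objective: validation accuracy minus a cost per kept feature."""
    if not any(mask):
        return -1.0  # an empty subset cannot classify anything
    return knn_accuracy(mask, train, val) - penalty * sum(mask) / len(mask)

def bpso_select(train, val, particles=8, iters=15, seed=7):
    """Binary PSO: real-valued velocities, bits resampled through a sigmoid."""
    rng = random.Random(seed)
    pos = [[1] * N_FEATURES] + [[rng.randint(0, 1) for _ in range(N_FEATURES)]
                                for _ in range(particles - 1)]  # particle 0 keeps every feature
    vel = [[0.0] * N_FEATURES for _ in pos]
    pbest = [(fitness(p, train, val), p[:]) for p in pos]
    for _ in range(iters):
        gbest = max(pbest)  # swarm-wide best (score, mask) so far
        for i, p in enumerate(pos):
            for j in range(N_FEATURES):
                v = (0.7 * vel[i][j] + 1.5 * rng.random() * (pbest[i][1][j] - p[j])
                     + 1.5 * rng.random() * (gbest[1][j] - p[j]))
                vel[i][j] = max(-4.0, min(4.0, v))
                p[j] = int(rng.random() < 1 / (1 + math.exp(-vel[i][j])))
            score = fitness(p, train, val)
            if score > pbest[i][0]:
                pbest[i] = (score, p[:])
    return max(pbest)

def run(seed=7):  # split, select on train + validation, score once on the held-out test set
    data = make_flows(180, random.Random(seed))
    train, val, test = data[:80], data[80:130], data[130:]
    fit, mask = bpso_select(train, val, seed=seed)
    full = [1] * N_FEATURES
    return (mask, fit, fitness(full, train, val),
            knn_accuracy(mask, train, test), knn_accuracy(full, train, test))
```

`run()` returns the selected mask, its validation fitness, the all-features validation fitness, and the held-out test accuracy with and without selection. The search only ever sees the validation split, so the test accuracy is not inflated by the selection step.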
Metaheuristic-Driven Feature Selection with SVM and KNN for Robust DDoS Attack Detection: A Comparative Study is licensed under CC BY 4.0