Optimasi Deteksi DDoS Attack Melalui Feature Selection Dan Ensemble Learning
DOI:
https://doi.org/10.52060/juptik.v4i1.4236Abstract
Serangan DDoS (Distributed Denial of Service) semakin berkembang dalam kompleksitas dan skala, mengancam ketersediaan layanan jaringan secara serius. Deteksi yang efektif tidak hanya bergantung pada pemilihan classifier yang tepat, tetapi juga pada rekayasa fitur yang mampu mengisolasi atribut trafik paling diskriminatif dari ruang fitur berdimensi tinggi. Penelitian ini mengusulkan pipeline deteksi DDoS yang mengintegrasikan Recursive Feature Elimination with Cross-Validation (RFECV) untuk seleksi fitur, Random Undersampling untuk menangani ketidakseimbangan kelas, dan classifier Random Forest yang dioptimalkan melalui Grid Search. Eksperimen dilakukan pada dataset benchmark CIC-DDoS2019 yang mencakup 12 jenis serangan DDoS dengan 87 fitur awal. RFECV berhasil mereduksi ruang fitur menjadi 25 atribut dengan skor cross-validation 99,83%. Dengan hyperparameter optimal (n_estimators=300, max_depth=None), model yang diusulkan mencapai akurasi 99,97%, presisi 99,96%, recall 99,95%, dan F1-score 99,95% pada data uji. Analisis ablasi mengkonfirmasi bahwa kombinasi seleksi fitur berbasis wrapper dengan tuning hyperparameter menghasilkan peningkatan F1-score sebesar 0,24 poin absolut dibandingkan baseline. Hasil ini menunjukkan efektivitas pendekatan optimasi terstruktur berbasis komponen untuk deteksi DDoS berperforma tinggi.
References
[1] H. Hartono, M. Khahfi Zuhanda, and S. Rahman, “IMPROVING CYBERSECURITY TRAFFIC ANALYSIS VIA ENHANCED K-MEANS CLUSTERING WITH TRIANGLE INEQUALITY-BASED INITIALIZATION,” J. TIMES, vol. 14, no. 1, pp. 60–69, Jun. 2025, https://doi.org/10.51351/jtm.14.1.2025823
[2] O. Ebrahem, S. Dowaji, and S. Alhammoud, “A lightweight machine learning approach for DDoS detection and classification,” Sci. Rep., Apr. 2026, https://doi.org/10.1038/s41598-026-48535-x
[3] A. A. Alashhab et al., “Enhancing DDoS Attack Detection and Mitigation in SDN Using an Ensemble Online Machine Learning Model,” IEEE Access, vol. 12, pp. 51630–51649, 2024, https://doi.org/10.1109/ACCESS.2024.3384398
[4] A. A. Alashhab, M. S. M. Zahid, M. A. Azim, M. Y. Daha, B. Isyaku, and S. Ali, “A Survey of Low Rate DDoS Detection Techniques Based on Machine Learning in Software-Defined Networks,” Symmetry (Basel)., vol. 14, no. 8, p. 1563, Jul. 2022, https://doi.org/10.3390/sym14081563
[5] S. Batool, M. Aslam, E. Akpokodje, and S. F. Jilani, “A Comprehensive Review of DDoS Detection and Mitigation in SDN Environments: Machine Learning, Deep Learning, and Federated Learning Perspectives,” Electronics, vol. 14, no. 21, p. 4222, Oct. 2025, https://doi.org/10.3390/electronics14214222
[6] T. Ariyadi, A. R. Mukti, and H. Saputra, “Mitigasi Distributed Denial Of Service(DDoS) Attack Pada Arsitektur Software Defined Network (SDN),” Techno.Com, vol. 21, no. 4, pp. 878–886, Nov. 2022, https://doi.org/10.33633/tc.v21i4.6879
[7] M. Al-Sarem, F. Saeed, E. H. Alkhammash, and N. S. Alghamdi, “An Aggregated Mutual Information Based Feature Selection with Machine Learning Methods for Enhancing IoT Botnet Attack Detection,” Sensors, vol. 22, no. 1, p. 185, Dec. 2021, https://doi.org/10.3390/s22010185.
[8] B. Liang, X. Dong, Y. Wang, and X. Zhang, “A high-applicability heterogeneous cloud data centers resource management algorithm based on trusted virtual machine migration,” Expert Syst. Appl., vol. 197, p. 116762, Jul. 2022, https://doi.org/10.1016/j.eswa.2022.116762
[9] H. Zouhri, A. Idri, and A. Ratnani, “Evaluating the impact of filter-based feature selection in intrusion detection systems,” Int. J. Inf. Secur., vol. 23, no. 2, pp. 759–785, Apr. 2024, https://doi.org/10.1007/s10207-023-00767-y
[10] G. S. Fuhnwi, M. Revelle, and C. Izurieta, “Improving Network Intrusion Detection Performance : An Empirical Evaluation Using Extreme Gradient Boosting (XGBoost) with Recursive Feature Elimination,” in 2024 IEEE 3rd International Conference on AI in Cybersecurity (ICAIC), IEEE, Feb. 2024, pp. 1–8. https://doi.org/10.1109/ICAIC60265.2024.10433805
[11] Y. Yin et al., “IGRF-RFE: a hybrid feature selection method for MLP-based network intrusion detection on UNSW-NB15 dataset,” J. Big Data, vol. 10, no. 1, p. 15, Feb. 2023, https://doi.org/10.1186/s40537-023-00694-8
[12] E. M. Maseno and Z. Wang, “Hybrid wrapper feature selection method based on genetic algorithm and extreme learning machine for intrusion detection,” J. Big Data, vol. 11, no. 1, p. 24, Feb. 2024, https://doi.org/10.1186/s40537-024-00887-9
[13] H. R. Sayegh, W. Dong, and A. M. Al-madani, “Enhanced Intrusion Detection with LSTM-Based Model, Feature Selection, and SMOTE for Imbalanced Data,” Appl. Sci., vol. 14, no. 2, p. 479, Jan. 2024, https://doi.org/10.3390/app14020479
[14] V. Shanmugam, R. Razavi-Far, and E. Hallaji, “Addressing Class Imbalance in Intrusion Detection: A Comprehensive Evaluation of Machine Learning Approaches,” Electronics, vol. 14, no. 1, p. 69, Dec. 2024, https://doi.org/10.3390/electronics14010069
[15] A. Abdelkhalek and M. Mashaly, “Addressing the class imbalance problem in network intrusion detection systems using data resampling and deep learning,” J. Supercomput., vol. 79, no. 10, pp. 10611–10644, Jul. 2023, https://doi.org/10.1007/s11227-023-05073-x
[16] S. A. Almahaqeri, M. H. Almourish, A. A. Nasser, A. S. A. Alghawli, A. A. K. Elsayed, and A. N. Alhejoj, “An optimized gradient boosting framework for IoT intrusion detection: a comprehensive evaluation on the CICIoT2023 dataset,” Sci. Rep., Apr. 2026, https://doi.org/10.1038/s41598-026-47399-5
[17] M. S. Sawah, H. Elmannai, A. A. El-Bary, K. Lotfy, and O. E. Sheta, “Distributed denial of service (DDoS) classification based on random forest model with backward elimination algorithm and grid search algorithm,” Sci. Rep., vol. 15, no. 1, p. 19063, May 2025, https://doi.org/10.1038/s41598-025-03868-x
[18] R. K. Batchu, T. Bikku, S. Thota, H. Seetha, and A. A. Ayoade, “A novel optimization-driven deep learning framework for the detection of DDoS attacks,” Sci. Rep., vol. 14, no. 1, p. 28024, Nov. 2024, https://doi.org/10.1038/s41598-024-77554-9
[19] Y. Kim, S. Seol, J. Chung, and H. Lee, “CRGAN-based turbo code interleaver for underwater acoustic communications,” ICT Express, vol. 10, no. 3, pp. 498–506, Jun. 2024, https://doi.org/10.1016/j.icte.2024.01.005
[20] M. F. Saiyedand and I. Al-Anbagi, “Deep Ensemble Learning With Pruning for DDoS Attack Detection in IoT Networks,” IEEE Trans. Mach. Learn. Commun. Netw., vol. 2, pp. 596–616, 2024, https://doi.org/10.1109/TMLCN.2024.3395419
[21] M. Alalhareth and S.-C. Hong, “An Improved Mutual Information Feature Selection Technique for Intrusion Detection Systems in the Internet of Medical Things,” Sensors, vol. 23, no. 10, p. 4971, May 2023, https://doi.org/10.3390/s23104971
[22] Z. Zhang, H. Al Hamadi, E. Damiani, C. Y. Yeun, and F. Taher, “Explainable Artificial Intelligence Applications in Cyber Security: State-of-the-Art in Research,” IEEE Access, vol. 10, pp. 93104–93139, 2022, https://doi.org/10.1109/ACCESS.2022.3204051
| Keywords | : |
Keywords:
DDoS Detection,, Recursive Feature Elimination, Random Forest, Ensemble Learning, CIC-DDoS 2019, Intrusion Detection
|
| Galleys | : | |
| Published | : |
2026-06-01
|
| Issue | : |
Copyright (c) 2026 Jurnal Pengembangan Teknologi Informasi dan Komunikasi (JUPTIK)
This work is licensed under a Creative Commons Attribution 4.0 International License.
