
Distributed denial of service (DDoS) classification based on random forest model with backward elimination algorithm and grid search algorithm.

Authors

Sawah Mohamed S, Elmannai Hela, El-Bary Alaa A, Lotfy Kh, Sheta Osama E

Affiliations

Department of Computer Science, Faculty of Information Technology, Ajloun National University, P.O.43, Ajloun, 26810, Jordan.

Department of Information Systems, Al-Alson Higher Institute, Cairo, Egypt.

Publication information

Sci Rep. 2025 May 30;15(1):19063. doi: 10.1038/s41598-025-03868-x.

Abstract

Distributed Denial of Service (DDoS) attacks pose significant threats to network security, disrupting critical services by overwhelming targeted systems with malicious traffic. In this study, a machine learning-based approach is proposed to classify DDoS attacks using multiple classification models, including Random Forest (RF), Naïve Bayes (NB), K-Nearest Neighbors (KNN), Linear Discriminant Analysis (LDA), and Support Vector Machine (SVM). The DDoS-SDN dataset was used for training and evaluation, with feature selection via Backward Elimination (BE) and hyperparameter tuning using Grid Search with 5-fold Cross-Validation (CV = 5). Experimental results demonstrate a significant improvement in classification performance after feature selection and parameter optimization, with RF achieving the highest accuracy of 99.99%. In this study, we propose a machine learning-based classification framework enhanced by feature selection and hyperparameter optimization techniques, employing Recursive Feature Elimination (RFE) and Grid Search. Our model based on Random Forest (RF) achieved a remarkable accuracy of 99.99%, outperforming other baseline classifiers, including Naïve Bayes (98.85%), K-Nearest Neighbors (97.90%), Linear Discriminant Analysis (97.10%), and Support Vector Machine (95.70%). In addition to accuracy, the RF model also demonstrated superior F1 score, recall, and precision, each reaching 99.99%. These results validate the effectiveness of our optimization strategy in improving classification performance. The study highlights the effectiveness of feature engineering and model optimization in enhancing DDoS detection accuracy, making machine learning a viable solution for real-time cybersecurity applications.
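The pipeline the abstract outlines (backward-style feature elimination, then a grid search with 5-fold cross-validation over a Random Forest) can be sketched with scikit-learn as below. This is an added example, not the authors' code: the flow records, feature names and grid values are constructed, and scikit-learn's `RFE` stands in for the elimination step. Selection sits inside the cross-validated pipeline so that held-out folds never influence which features are dropped.

```python
# Added illustration, not the authors' code. Data, feature names and grid are constructed.
import numpy as np
from sklearn.ensemble import RandomForestClassifier
from sklearn.feature_selection import RFE
from sklearn.metrics import accuracy_score, f1_score
from sklearn.model_selection import GridSearchCV, StratifiedKFold, train_test_split
from sklearn.pipeline import Pipeline

# Hypothetical flow features: three carry signal, five are pure noise.
FEATURES = ["pkt_rate", "byte_rate", "flow_count"] + [f"noise_{i}" for i in range(5)]

def make_flows(n=600, seed=0):
    """Constructed flow records; label 1 = attack, 0 = benign."""
    rng = np.random.default_rng(seed)
    y = rng.integers(0, 2, n)
    signal = np.column_stack([
        rng.normal(100 + 400 * y, 60),
        rng.normal(50 + 150 * y, 40),
        rng.normal(5 + 10 * y, 4),
    ])
    return np.hstack([signal, rng.normal(0, 1, (n, 5))]), y

def select_and_tune(X, y, seed=0):
    # Hold out a test split that neither the selector nor the grid search sees.
    X_tr, X_te, y_tr, y_te = train_test_split(
        X, y, test_size=0.25, stratify=y, random_state=seed)
    # Selection lives inside the pipeline, so it is refit on each CV training fold
    # and the validation fold never influences which features are dropped.
    pipe = Pipeline([
        ("select", RFE(RandomForestClassifier(n_estimators=15, random_state=seed))),
        ("rf", RandomForestClassifier(random_state=seed)),
    ])
    grid = {
        "select__n_features_to_select": [3, 5],
        "rf__n_estimators": [25, 50],
        "rf__max_depth": [4, None],
    }
    cv = StratifiedKFold(n_splits=5, shuffle=True, random_state=seed)  # CV = 5
    search = GridSearchCV(pipe, grid, cv=cv, scoring="f1").fit(X_tr, y_tr)
    mask = search.best_estimator_.named_steps["select"].support_
    pred = search.predict(X_te)
    return {
        "params": search.best_params_,
        "kept": [name for name, keep in zip(FEATURES, mask) if keep],
        "accuracy": accuracy_score(y_te, pred),
        "f1": f1_score(y_te, pred),
    }

if __name__ == "__main__":
    print(select_and_tune(*make_flows()))
```

The reported accuracy and F1 come from the held-out split only; scores taken from the folds used for tuning would be optimistic.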

