Klasifikasi Serangan DDoS Menggunakan Algoritma Support Vector Machine dan Correlation-Based

Abstract

Distributed Denial-of-Service (DDoS) that attacks targeting server resources are increasing every year, making early detection crucial. While network traffic analysis can aids detection, high dimensionality data and noise make manual efforts more difficult. This research implements a Support Vector Machine (SVM) with Correlation-Based Feature Selection (CFS) to reduce dimensionality, comparing it against a full-feature SVM model. Both use Radial Basis Function (RBF) kernel with hyperparameter C = 97 and gamma = 0.74. The CFS-SVM model will implemented in real-time. Performance is evaluated using confusion matrix (recall, precision, F1-Score, and accuracy) and computational time needed. Results show the CFS SVM model achieves 99.55% recall, 97.28% precision, 98.40% F1-Score, and 98.40% accuracy, needing 310.73s for training and 0.21s for testing. In Contrast, the full-feature model yields 98.89% for recall, 99.95% precision, 99.42% F1-Score, and 99.42% accuracy, but taking 438.96s for training proses and 0.29s for testing. Although the full-feature model exhibits superior metrics, applying CFS significantly reduces computational time and the computational load of feature extraction. Therefore, the CFS-SVM approach has proven to be more suitable for real-time detection systems.