For Robust DDoS Attack Detection by IDS: Smart Feature Selection and Data Imbalance Management Strategies

Computer network security represents a major challenge in the digital age, where intrusions threaten data confidentiality, accuracy and accessibility.To safeguard data and online services, Intrusion Detection Systems (IDS) controls the network traffic for any signs of malicious activity.The integration of artificial intelligence into IDSs offers new perspectives, but poses challenges, particularly in terms of feature selection and data imbalance management.Our research focused on identifying DDoS attacks, a major threat to the accessibility of online services.We evaluated the effectiveness of IDS against these attacks by testing the RF, XGB, SGD, LGB and MLP machine learning models on the CICIDS2018 DDOS attacks dataset.To optimize data quality, we adopted a strategic feature selection approach based on correlation matrix, mutual information and feature importance, reducing data dimensionality and improving model performance.Then, by balancing our dataset using oversampling techniques such as SMOTE, BorderlineSMOTE and ADASYN, we achieved better model generalization and reduced false positives.Our results showed that the ADASYN+SMOTE+XGB configuration was the most optimal for DDoS attack detection regarding effectiveness, false positives and execution duration.Our approach, combining judicious feature selection and resampling, has enabled us to create more performing intrusion detection systems, strengthening network security against increasingly sophisticated threats.