LAUSR

Distributed denial of service (DDoS) attack has been a huge challenge of network security for many years. The bandwidth, services and resources are seriously occupied by the attackers during the attack. It is vitally important to detect DDoS attacks effectively and efficiently. Aiming at the huge network traffic of DDoS attacks, the SU-Genetic method is proposed to select important features of the original attack data. The SU-Genetic method ranks features by the symmetrical uncertainty and then selects features with the genetic algorithm. The correlation evaluator with SU value is applied in genetic selection to balance the correlation and redundancy. After experimented on the NSL-KDD dataset, the features were reduced from 41 to 17 and the amount of data was roughly reduced to 41% of the original. Both the efficiency and accuracy of all the three classification-based detections (BayesNet, J48, and RanomTree) were improved with the proposed SU-Genetic feature selection method.