Cluster Computing

, Volume 22, Supplement 1, pp 2505–2515 | Cite as

An efficient DDoS detection based on SU-Genetic feature selection

  • Chundong Wang
  • Honglei YaoEmail author
  • Zheli Liu


Distributed denial of service (DDoS) attack has been a huge challenge of network security for many years. The bandwidth, services and resources are seriously occupied by the attackers during the attack. It is vitally important to detect DDoS attacks effectively and efficiently. Aiming at the huge network traffic of DDoS attacks, the SU-Genetic method is proposed to select important features of the original attack data. The SU-Genetic method ranks features by the symmetrical uncertainty and then selects features with the genetic algorithm. The correlation evaluator with SU value is applied in genetic selection to balance the correlation and redundancy. After experimented on the NSL-KDD dataset, the features were reduced from 41 to 17 and the amount of data was roughly reduced to 41% of the original. Both the efficiency and accuracy of all the three classification-based detections (BayesNet, J48, and RanomTree) were improved with the proposed SU-Genetic feature selection method.


DDoS detection Select features Symmetrical uncertainty Genetic search NSL-KDD 



Our work was supported by the Foundation of the Educational Commission of Tianjin, China (Grant No. 20130801), the General Project of Tianjin Municipal Science and Technology Commission under Grant (No. 15JCYBJC1 5600), the Major Project of Tianjin Municipal Science and Technology Commission under Grant (No. 15ZXDSGX00030), and NSFC: The United Foundation of General Technology and Fundamental Research (No. U1536122). The authors would like to give thanks to all the pioneers in this field, and also gratefully acknowledge the helpful comments and suggestions of the reviewers, which have improved the quality of this paper.


  1. 1.
    Alomari, E., Manickam, S., Gupta, B.B., Karuppayah, S., Alfaris, R.: Botnet-based distributed denial of service (ddos) attacks on web servers: classification and art. Int. J. Comput. Appl. 49(7), 24–32 (2012)Google Scholar
  2. 2.
    Ambusaidi, M.A., He, X., Nanda, P., Tan, Z.: Building an intrusion detection system using a filter-based feature selection algorithm. IEEE Trans. Comput. 65(10), 2986–2998 (2016)MathSciNetCrossRefzbMATHGoogle Scholar
  3. 3.
    Atat, R., Liu, L., Chen, H., Wu, J., Li, H., Yi, Y.: Enabling cyber-physical communication in 5g cellular networks: challenges, spatial spectrum sensing, and cyber-security. IET Cyber-Phys. Syst. 2(1), 49–54 (2017)Google Scholar
  4. 4.
    Baig, Z.A., Sait, S.M., Shaheen, A.R.: Gmdh-based networks for intelligent intrusion detection. Eng. Appl. Artif. Intell. 26(7), 1731–1740 (2013)CrossRefGoogle Scholar
  5. 5.
    Cai, J., Wang, Y., Liu, Y., Luo, J.Z., Wei, W., Xu, X.: Enhancing network capacity by weakening community structure in scale-free network. Future Gener. Comput. Syst. (2017).
  6. 6.
    Cai, Z., Yan, H., Li, P., Huang, Z., Gao, C.: Towards secure and flexible EHR sharing in mobile health cloud under static assumptions. Cluster Comput. 20(3), 2415–2422 (2017)CrossRefGoogle Scholar
  7. 7.
    Chabathula, K.J., Jaidhar, C.D., Kumara, M.A.A.: Comparative study of principal component analysis based intrusion detection approach using machine learning algorithms. In: International Conference on Signal Processing, Communication and Networking, pp 1–6 (2015)Google Scholar
  8. 8.
    Chen, S., Huang, Z., Zuo, Z., Guo, X.: A feature selection method for anomaly detection based on improved genetic algorithm. In: International Conference on Mechanical Materials and Manufacturing Engineering (2016)Google Scholar
  9. 9.
    Chhabra, M., Gupta, B., Almomani, A.: A novel solution to handle ddos attack in manet. J. Inf. Secur. 04(3), 165–179 (2015)Google Scholar
  10. 10.
    Chi, M.V., Tai, K.I., Chi, M.P., Wong, P.K.: Fast and accurate face detection by sparse bayesian extreme learning machine. Neural Comput. Appl. 26(5), 1149–1156 (2015)CrossRefGoogle Scholar
  11. 11.
    Cui, B., Liu, Z., Wang, L.: Key-aggregate searchable encryption (KASE) for group data sharing via cloud storage. IEEE Trans. Comput. 65(8), 2374–2385 (2016)MathSciNetCrossRefzbMATHGoogle Scholar
  12. 12.
    Dewa, Z., Maglaras, L.: Data mining and intrusion detection systems. Int. J. Adv. Comput. Sci. Appl. 7(1) (2016)Google Scholar
  13. 13.
    Ghali, N.T.: Feature selection for effective anomaly-based intrusion detection. IJCSNS Int. J. Comput. Sci. Netw. Secur. 9(3), 285–289 (2009)Google Scholar
  14. 14.
    Gupta, B.B., Badve, O.P.: Taxonomy of dos and ddos attacks and desirable defense mechanism in a cloud computing environment. Neural Comput. Appl. 28(12), 1–28 (2017)Google Scholar
  15. 15.
    Gupta, B.B., Chhabra, M.: An efficient scheme to prevent ddos flooding attacks in mobile ad-hoc network (manet). Res. J. Appl. Sci. Eng. Technol. 7(10), 2033–2039 (2014)CrossRefGoogle Scholar
  16. 16.
    Gupta, B.B., Agrawal, D.P., Yamaguchi, S.: Handbook of Research on Modern Cryptographic Solutions for Computer and Cyber Security (2016)Google Scholar
  17. 17.
    Gupta, D.B.B.: An Introduction to DDoS Attacks and Defense Mechanisms: An Analyst’s Handbook. LAP Lambert Academic Publishing, Koeln (2011)Google Scholar
  18. 18.
    Hamedani, K., Liu, L., Rachad, A., Wu, J., Yi, Y.: Reservoir computing meets smart grids: attack detection using delayed feedback networks. IEEE Trans. Ind. Inform. (99): 1–1 (2017)Google Scholar
  19. 19.
    Harbola, A., Harbola, J., Vaisla, K.S.: Improved intrusion detection in ddos applying feature selection using rank & score of attributes in kdd-99 data set. In: International Conference on Computational Intelligence and Communication Networks, pp. 840–845 (2014)Google Scholar
  20. 20.
    Dhanabal, L., Shantharajah, S.P.: A study on nsl-kdd dataset for intrusion detection system based on classification algorithms. In: International Journal of Advanced Research in Computer and Communication Engineering, vol. 4 (2015)Google Scholar
  21. 21.
    Lai, X., Zou, W., Xie, D., Li, X., Fan, L.: Df relaying networks with randomly distributed interferers. IEEE Access 5, 18909–18917 (2017)CrossRefGoogle Scholar
  22. 22.
    Li, B., Huang, Y., Liu, Z., Li, J., Tian, Z., Yiu, S.M.: Hybridoram: practical oblivious cloud storage with constant bandwidth. Inf. Sci. (2018)
  23. 23.
    Liu, Z., Chen, X., Yang, J., Jia, C., You, I.: New order preserving encryption model for outsourced databases in cloud environments. J. Netw. Comput. Appl. 59, 198–207 (2016)CrossRefGoogle Scholar
  24. 24.
    Malji, P., Sakhare, S.: Significance of entropy correlation coefficient over symmetric uncertainty on fast clustering feature selection algorithm, pp 457–463 (2017)Google Scholar
  25. 25.
    Meng, W., Jiang, L., Wang, Y., Li, J., Zhang, J., Xiang, Y.: Jfcguard: detecting juice filming charging attack via processor usage analysis on smartphones. Comput. Secur. (2017)Google Scholar
  26. 26.
    Meng, W., Tischhauser, E., Wang, Q., Wang, Y., Han, J.: When intrusion detection meets blockchain technology: a review. IEEE Access (2018)Google Scholar
  27. 27.
    Mukherjee, S., Sharma, N.: Intrusion detection using naive bayes classifier with feature reduction. Proc. Technol. 4(11), 119–128 (2012)CrossRefGoogle Scholar
  28. 28.
    Nag, K., Pal, N.R.: A multiobjective genetic programming-based ensemble for simultaneous feature selection and classification. IEEE Trans. Cybern. 46(2), 499–510 (2017)CrossRefGoogle Scholar
  29. 29.
    Novaković, J., Strbac, P., Bulatović, D.: Toward optimal feature selection using ranking methods and classification algorithms. Yugoslav J. Oper. Res. 21(1), 119–135 (2011)MathSciNetCrossRefzbMATHGoogle Scholar
  30. 30.
    Olusola, A.A., Oladele, A.S., Abosede, D.O.: Analysis of kdd’99 intrusion detection dataset for selection of relevance features. Lecture Notes Eng. Comput. Sci. 2186(1), 1371–1379 (2010)Google Scholar
  31. 31.
    Revathi, S., Malathi, A.: A detailed analysis on nsl-kdd dataset using various machine learning techniques for intrusion detection. In: International Journal of Engineering Research and Technology (2013)Google Scholar
  32. 32.
    Tian, H., Chen, Z., Chang, C.C., Huang, Y., Wang, T., Huang, Z., Cai, Y., Chen, Y.: Public audit for operation behavior logs with error locating in cloud storage. Soft Comput., 1–14 (2018)Google Scholar
  33. 33.
    Mursalin, M., Zhang, Y., Chen, Y., Chawla, N.V.: Automated epileptic seizure detection using improved correlation-based feature selection with random forest classifier. Neurocomputing 241(C), 204–214 (2017)CrossRefGoogle Scholar
  34. 34.
    Wang, H., Zheng, Z., Wu, L., Li, P.: New directly revocable attribute-based encryption scheme and its application in cloud storage environment. Cluster Comput. 20(3), 2385–2392 (2017)CrossRefGoogle Scholar
  35. 35.
    Wen, H., Tang, J., Wu, J., Song, H., Wu, T., Wu, B., Ho, P.H., Lv, S.C., Sun, L.M.: A cross-layer secure communication model based on Discrete Fractional Fourier Fransform (dfrft). IEEE Trans. Emerg. Top. Comput. 3(1), 119–126 (2015)CrossRefGoogle Scholar
  36. 36.
    Wen, S., Haghighi, M.S., Chen, C., Xiang, Y., Zhou, W., Jia, W.: A sword with two edges: propagation studies on both positive and negative information in online social networks. IEEE Trans. Comput. 64(3), 640–653 (2015)MathSciNetCrossRefzbMATHGoogle Scholar
  37. 37.
    Wu, J., Guo, S., Li, J., Zeng, D.: Big data meet green challenges: greening big data. IEEE Syst. J. 10(3), 873–887 (2016)CrossRefGoogle Scholar
  38. 38.
    Wu, T., Wen, S., Xiang, Y., Zhou, W.: Twitter spam detection: Survey of new approaches and comparative study. Comput. Secur. (2017)Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Key Laboratory of Computer Vision and System Ministry of EducationTianjin University of TechnologyTianjinChina
  2. 2.Tianjin Key Laboratory of Intelligence Computing and Novel Software TechnologyTianjin University of TechnologyTianjinChina
  3. 3.School of Computer and Control EngineeringNankai UniversityTianjinChina

Personalised recommendations