Congyuan Xu,Jizhong Shen,Xin Du

DOI: https://doi.org/10.1016/j.jisa.2021.102879

IF: 4.96

2021-01-01

Journal of Information Security and Applications

Abstract:Low-rate Denial of Service (LDoS) attacks use the low-rate requests to achieve the occupation of the network resources and have strong concealment. The traditional signal analysis based detection methods are challenging to detect LDoS attacks in the fluctuating legitimate traffic. In this paper, an LDoS attack detection method based on hybrid deep neural networks is proposed using one-dimensional convolutional neural network and gated recurrent unit. In order to evaluate the proposed detection method in the real scenarios, we captured real legitimate traffic from a website in the datacenter, and carried out a variety of real LDoS attacks on the mirror of the website in the laboratory environment to obtain real attack traffic. The detection results on the real traffic show that the proposed detection method does not need to extract features manually and can effectively detect LDoS attacks in fluctuating HTTP traffic with an average detection rate of 98.68%, which is more advantageous than MF-DFA or power spectral density based detection methods.

Shuhan Chen,Congqi Shen,Danrui Yu,Yuqin Wu,Chunming Wu

DOI: https://doi.org/10.1109/isncc52172.2021.9615889

2021-01-01

Abstract:Botnets provide a fundamental infrastructure for various kinds of network attacks, such as DDoS attack, etc. Detecting DDoS attack in botnet is a long-standing challenge. In this paper, we propose a novel method to detect DDoS attack in botnet through the analysis of packet forwarding and network traffic. The primary idea is to collect features from both overall network traffic and packet to describe the attack pattern and conduct a detection model with high accuracy. Firstly, apart from overall network traffic, we calculate several statistics related to looking up functions of flow tables during packet forwarding on switches to describe attack pattern. Secondly, these features are put into a deep learning model to detect DDoS attack. We perform evaluations under Software Defined Networking (SDN) paradigm. In particular, we compare the proposed method with traditional methods. The experimental results demonstrate that the proposed method is meaningful in improving the accuracy of DDoS attack detection by adding packet-level features extracted from packet forwarding.

Anupama Mishra,Neena Gupta,Brij B. Gupta

DOI: https://doi.org/10.1007/s11235-022-00981-4

2022-12-15

Telecommunication Systems

Abstract:Distributed denial of service attacks are common and very severe threat to various computing technology like Cloud, IoT and Blockchain because of the disruption they cause to the services that are provided. Many different types of DDoS attacks are there, each with a unique action, making it difficult for network monitoring and control systems to identify and prevent them. The objective of this research work is to explore and select a set of data to represent DDoS attack events and attack traffic information. A pre-processing phase is used to clean and transform the data, and afterwards the generation of a model of machine learning for multi-class classification is done. This is carried out to identify the various classification of different types of DDoS attacks. We have used CIC dataset for the experiment which contains all types of DDoS attack and huge in number of records. Random Forest, Support Vector Machine, Naive Bayes, Decision Tree, XGBoost, and AdaBoost are six different types of machine learning algorithms employed in this research. FRom the results, AdaBoost achieves the best accuracy of 99.87% in 27.4 s of computation time. Naive Bayes has the fastest computing time (3.2 s) with 94.15% accuracy, where as Support Vector Machine has the slowest time, a lazy learner (229m26s for training and 0.2 s for prediction) and has the low accuracy (95.73%).

telecommunications

Wei Wei,Yabo Dong,Dongming Lu,Guang Jin

DOI: https://doi.org/10.1007/11758549_8

2006-01-01

Abstract:In legitimate traffic the correlation exists between the outgoing traffic and incoming traffic of a server network because of the request-reply actions in most protocols. When DDoS attacks occur, the attackers send packets with faked source addresses. As a result, the outgoing traffic to the faked addresses does not induce any related incoming traffic. Our main idea is to find changes in the correlation caused by DDoS. We sample network traffics using Extended First Connection Density (EFCD), and express correlation by cross-correlation function. Because network traffic in DDoS-initiating stage is much similar to legitimate traffic, we use fuzzy classification in order to guarantee the accuracy. Experiments show that DDoS traffic can be identified accurately by our algorithm.

Lu Zhou,Ye Zhu,Tianrui Zong,Yong Xiang

DOI: https://doi.org/10.1016/j.future.2022.02.006

IF: 7.307

2022-07-01

Future Generation Computer Systems

Abstract:Distributed Denial of Service (DDoS) attacks still be a great threat to the availability of online servers. To defend against attacks, the challenge is not only detecting DDoS attacks as they occur but also identifying, and thus blocking the attack flows. However, existing classification methods cannot accurately and efficiently differentiate between attack flows and benign flows. In this paper, we propose a DDoS attack flow classification system, named SAFE, to accurately and quickly identify attack flows in network layer. First, SAFE chooses the optimal features by removing the redundant features and selecting the most informative features. Second, a threshold tuning method is proposed to identify the best threshold for each feature. Finally, an aggregated feature-based linear classifier is proposed to weight the selected features for classification. Since the proposed method monitors the flows in network layer, it can detect the traditional DDoS attack flows as well as the attack flows launched by Internet of Thing (IoT) devices. Comprehensive experiments are carried out on one IoT and two sophisticated DDoS attacks to evaluate the classification performance of the proposed method. The comparison results show that SAFE can achieve better classification performance than the state-of-the-art methods in terms of classification accuracy and efficiency.

Raj Kumar Batchu,Hari Seetha

DOI: https://doi.org/10.1016/j.comnet.2021.108498

IF: 5.493

2021-12-01

Computer Networks

Abstract:In the digital era, the usage of network-connected devices is rapidly growing which leads to an increase in cyberattacks. Among them, Distributed Denial of Service (DDoS) attacks are becoming more complex to detect. Recently, several models have been reported in the literature to identify them, but it remains a challenging issue due to the significant changes in signatures and traffic rate. To address this problem, a new automatic detection methodology is developed by reducing the feature space, which in turn reduces overfitting and computational time of the model. Initially, data pre-processing is performed to improve the generalizability of the model. Next, feature selection is applied to select the most appropriate features, which helps in improving classification accuracy. Further, the performance of the model is enhanced using hyperparameter tuning by selecting the appropriate parameters for learning approaches. Finally, both the optimal features and hyperparameters are fed to various supervised learning approaches namely-Logistic regression(LR), Decision tree (DT), Gradient boost(GB), K-nearest neighbor (KNN), and Support vector machine (SVM). All these experiments are evaluated on the CICDDoS2019 dataset. The experimental results show that the GB model performed well compared to the state-of-the-art methods with an accuracy of 99.97 %.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Zhenpeng Liu,Yihang Wang,Fan Feng,Yifan Liu,Zelin Li,Yawei Shan

DOI: https://doi.org/10.3390/s23136176

IF: 3.9

2023-07-06

Sensors

Abstract:Distributed denial-of-service (DDoS) attacks pose a significant cybersecurity threat to software-defined networks (SDNs). This paper proposes a feature-engineering- and machine-learning-based approach to detect DDoS attacks in SDNs. First, the CSE-CIC-IDS2018 dataset was cleaned and normalized, and the optimal feature subset was found using an improved binary grey wolf optimization algorithm. Next, the optimal feature subset was trained and tested in Random Forest (RF), Support Vector Machine (SVM), K-Nearest Neighbor (k-NN), Decision Tree, and XGBoost machine learning algorithms, from which the best classifier was selected for DDoS attack detection and deployed in the SDN controller. The results show that RF performs best when compared across several performance metrics (e.g., accuracy, precision, recall, F1 and AUC values). We also explore the comparison between different models and algorithms. The results show that our proposed method performed the best and can effectively detect and identify DDoS attacks in SDNs, providing a new idea and solution for the security of SDNs.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Huseyin Polat,Onur Polat,Aydin Cetin

DOI: https://doi.org/10.3390/su12031035

IF: 3.9

2020-02-01

Sustainability

Abstract:Software Defined Networking (SDN) offers several advantages such as manageability, scaling, and improved performance. However, SDN involves specific security problems, especially if its controller is defenseless against Distributed Denial of Service (DDoS) attacks. The process and communication capacity of the controller is overloaded when DDoS attacks occur against the SDN controller. Consequently, as a result of the unnecessary flow produced by the controller for the attack packets, the capacity of the switch flow table becomes full, leading the network performance to decline to a critical threshold. In this study, DDoS attacks in SDN were detected using machine learning-based models. First, specific features were obtained from SDN for the dataset in normal conditions and under DDoS attack traffic. Then, a new dataset was created using feature selection methods on the existing dataset. Feature selection methods were preferred to simplify the models, facilitate their interpretation, and provide a shorter training time. Both datasets, created with and without feature selection methods, were trained and tested with Support Vector Machine (SVM), Naive Bayes (NB), Artificial Neural Network (ANN), and K-Nearest Neighbors (KNN) classification models. The test results showed that the use of the wrapper feature selection with a KNN classifier achieved the highest accuracy rate (98.3%) in DDoS attack detection. The results suggest that machine learning and feature selection algorithms can achieve better results in the detection of DDoS attacks in SDN with promising reductions in processing loads and times.

environmental sciences,environmental studies,green & sustainable science & technology

Azadeh Golduzian

DOI: https://doi.org/10.48550/arXiv.2308.15674

2023-08-30

Abstract:A malicious attempt to exhaust a victim's resources to cause it to crash or halt its services is known as a distributed denial-of-service (DDoS) attack. DDOS attacks stop authorized users from accessing specific services available on the Internet. It targets varying components of a network layer and it is better to stop into layer 4 (transport layer) of the network before approaching a higher layer. This study uses several machine learning and statistical models to detect DDoS attacks from traces of traffic flow and suggests a method to prevent DDOS attacks. For this purpose, we used logistic regression, CNN, XGBoost, naive Bayes, AdaBoostClassifier, KNN, and random forest ML algorithms. In addition, data preprocessing was performed using three methods to identify the most relevant features. This paper explores the issue of improving the DDOS attack detection accuracy using the latest dataset named CICDDoS2019, which has over 50 million records. Because we employed an extensive dataset for this investigation, our findings are trustworthy and practical. Our target class (attack class) was imbalanced. Therefore, we used two techniques to deal with imbalanced data in machine learning. The XGboost machine learning model provided the best detection accuracy of (99.9999%) after applying the SMOTE approach to the target class, outperforming recently developed DDoS detection systems. To the best of our knowledge, no other research has worked on the most recent dataset with over 50 million records, addresses the statistical technique to select the most significant feature, has this high accuracy, and suggests ways to avoid DDOS attackI.

Cryptography and Security

Fei Wang,Hailong Wang,Xiaofeng Wang,Jinshu Su

DOI: https://doi.org/10.1016/j.mcm.2011.02.025

2011-01-01

Mathematical and Computer Modelling

Abstract:Detection of distributed denial of service (DDoS) attacks has been a challenging problem for network security. Most of the existing works take into account the anomaly features of the traffic caused by DDoS. However, these detection methods suffer from either less generality or high computational and memory costs in detecting subtle DDoS attacks. In this paper, we first present a model for DDoS attacks with quantitative measurements. Based on this model, we find that there are two factors that have a severe influence on the deviation of traffic features. In view of these two factors, the DDoS attack traffic observed by monitors can be trivial, leading to the subtle DDoS attacks which are difficult to detect. To detect the subtle DDoS anomalies at monitors close to the attack sources, we propose a novel multistage DDoS detection framework that consists of a NTS (Network Traffic State) prediction, a fine-grained singularity detection and a malicious address extraction engine. We also briefly introduced how to distribute our detection framework to enhance the performance of detecting world-wide DDoS attacks. Moreover, the prototype system is implemented and evaluated with real network traces from our campus network and testbed. The results show that our method can detect various DDoS attacks efficiently even though the attack rate is low. Our method can extract malicious IPs for attack reaction with records for a short period, and multiple monitors distributed in the network can fuse the results of extraction seamlessly to improve the accuracy of detection

Deepak Kshirsagar,Sandeep Kumar

DOI: https://doi.org/10.1007/s12652-021-02907-5

IF: 3.662

2021-01-28

Journal of Ambient Intelligence and Humanized Computing

Abstract:The hacker attempts distributed denial of service (DDoS) attacks towards network resources to disturb or deny services. The hacker degrades the quality of service to legitimate users by performing reflection and exploitation based DDoS attacks with a trusted third party server that hides information of the attacker. It is, therefore, necessary to propose an intelligent intrusion detection system to detect reflection and exploitation based DDoS attacks efficiently and effectively. The present study proposes a feature reduction method by the combination of information gain (IG) and correlation (CR) feature selection techniques. This study presents a DDoS attack detection framework to detect reflection and exploitation based DDoS attacks in an efficient manner. The framework is tested on the latest DDoS evaluation (CICDDoS2019) dataset with J48 classifier. The feature reduction method obtains minimum and maximum reduction by 56 and 82.92% respectively, of the original features. The experimentation results show that the proposed framework outperforms using a reduced features subset. The validation of the proposed framework on knowledge discovery and data mining (KDD Cup 1999) dataset provides improvement in performance for binary and multi-level classification using feature reduction by 60.97% of the original features. The proposed feature reduction method is also compared to the relevant existing feature selection methods used for intrusion detection on CICDoS 2019 and KDD Cup 1999 datasets.

computer science, information systems,telecommunications, artificial intelligence

Andi Maslan,Kamaruddin Malik Bin Mohamad,Abdul Hamid,Hotma Pangaribuan,Sunarsan Sitohang

DOI: https://doi.org/10.30630/joiv.7.3.1533

2023-09-10

Abstract:Various forms of distributed denial of service (DDoS) assault systems and servers, including traffic overload, request overload, and website breakdowns. Heuristic-based DDoS attack detection is a combination of anomaly-based and pattern-based methods, and it is one of three DDoS attack detection techniques available. The pattern-based method compares a sequence of data packets sent across a computer network using a set of criteria. However, it cannot identify modern assault types, and anomaly-based methods take advantage of the habits that occur in a system. However, this method is difficult to apply because the accuracy is still low, and the false positives are relatively high. Therefore, this study proposes feature selection based on Hybrid N-Gram Heuristic Techniques. The research starts with the conversion process, package extract, and hex payload analysis, focusing on the HTTP protocol. The results show the Hybrid N-Gram Heuristic-based feature selection for the CIC-2017 dataset with the SVM algorithm on the CSDPayload+N-Gram feature with a 4-Gram accuracy rate of 99.86%, MIB- Dataset 2016 with the 2016 algorithm. SVM and CSPayload feature +N-Gram with 100% accuracy for 4-Gram, H2N-Payload Dataset with SVM Algorithm, and CSDPayload+N-Gram feature with 100% accuracy for 4-Gram. As a comparison, the KNN algorithm for 4-Gram has an accuracy rate of 99.44%, and the Neural Network Algorithm has an accuracy rate of 100% for 4-Gram. Thus, the best algorithm for DDoS detection is SVM with Hybrid N-Gram (4-Gram).

Paul Badu Yakubu,Evans Owusu,Lesther Santana,Mohamed Rahouti,Abdellah Chehri,Kaiqi Xiong

2024-11-05

Abstract:Denial of Service (DoS) attacks pose a significant threat in the realm of AI systems security, causing substantial financial losses and downtime. However, AI systems' high computational demands, dynamic behavior, and data variability make monitoring and detecting DoS attacks challenging. Nowadays, statistical and machine learning (ML)-based DoS classification and detection approaches utilize a broad range of feature selection mechanisms to select a feature subset from networking traffic datasets. Feature selection is critical in enhancing the overall model performance and attack detection accuracy while reducing the training time. In this paper, we investigate the importance of feature selection in improving ML-based detection of DoS attacks. Specifically, we explore feature contribution to the overall components in DoS traffic datasets by utilizing statistical analysis and feature engineering approaches. Our experimental findings demonstrate the usefulness of the thorough statistical analysis of DoS traffic and feature engineering in understanding the behavior of the attack and identifying the best feature selection for ML-based DoS classification and detection.

Cryptography and Security,Artificial Intelligence,Machine Learning

Daoqi Han,Honghui Li,Xueliang Fu

DOI: https://doi.org/10.3390/s24196179

IF: 3.9

2024-09-25

Sensors

Abstract:The fast growth of the Internet has made network security problems more noticeable, so intrusion detection systems (IDSs) have become a crucial tool for maintaining network security. IDSs guarantee the normal operation of the network by tracking network traffic and spotting possible assaults, thereby safeguarding data security. However, traditional intrusion detection methods encounter several issues such as low detection efficiency and prolonged detection time when dealing with massive and high-dimensional data. Therefore, feature selection (FS) is particularly important in IDSs. By selecting the most representative features, it can not only improve the detection accuracy but also significantly reduce the computational complexity and attack detection time. This work proposes a new FS approach, BPSO-SA, that is based on the Binary Particle Swarm Optimization (BPSO) and Simulated Annealing (SA) algorithms. It combines these with the Gray Wolf Optimization (GWO) algorithm to optimize the LightGBM model, thereby building a new type of reflective Distributed Denial of Service (DDoS) attack detection model. The BPSO-SA algorithm enhances the global search capability of Particle Swarm Optimization (PSO) using the SA mechanism and effectively screens out the optimal feature subset; the GWO algorithm optimizes the hyperparameters of LightGBM by simulating the group hunting behavior of gray wolves to enhance the detection performance of the model. While showing great resilience and generalizing power, the experimental results show that the proposed reflective DDoS attack detection model surpasses conventional methods in terms of detection accuracy, precision, recall, F1-score, and prediction time.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Kishore Babu Dasari,Nagaraju Devarakonda

DOI: https://doi.org/10.18280/ria.360107

2022-02-28

Abstract:The Distributed Denial of Service (DDoS) attack is a serious cyber security attack that attempts to disrupt the availability security principle of computer networks and information systems. It's critical to detect DDoS attacks quickly and accurately while using as less computing power as possible in order to minimize damage and cost efficient. This research proposes a fast and high-accuracy detection approach by using features selected by proposed method for Exploitation-based DDoS attacks. Experiments are carried out on the CICDDoS2019 datasets Syn flood, UDP flood, and UDP-Lag, as well as customized dataset. In addition, experiments were also conducted on a customized dataset that was constructed by combining three CICDDoS2019 datasets. Pearson, Spearman, and Kendall correlation techniques have been used for datasets to find un-correlated feature subsets. Then, among three un-correlated feature subsets, choose the common un-correlated features. On the datasets, classification techniques are applied to these common un-correlated features. This research used conventional classifiers Logistic regression, Decision tree, KNN, Naive Bayes, bagging classifier Random forest, boosting classifiers Ada boost, Gradient boost, and neural network-based classifier Multilayer perceptron. The performance of these classification algorithms was also evaluated in terms of accuracy, precision, recall, F1-score, specificity, log loss, execution time, and K-fold cross-validation. Finally, classification techniques were tested on a customized dataset with common features that were common in all of the dataset’s common un-correlated feature sets.

Daniyal Alghazzawi,Omaimah Bamasag,Hayat Ullah,Muhammad Zubair Asghar

DOI: https://doi.org/10.3390/app112411634

2021-12-08

Applied Sciences

Abstract:DDoS (Distributed Denial of Service) attacks have now become a serious risk to the integrity and confidentiality of computer networks and systems, which are essential assets in today’s world. Detecting DDoS attacks is a difficult task that must be accomplished before any mitigation strategies can be used. The identification of DDoS attacks has already been successfully implemented using machine learning/deep learning (ML/DL). However, due to an inherent limitation of ML/DL frameworks—so-called optimal feature selection—complete accomplishment is likewise out of reach. This is a case in which a machine learning/deep learning-based system does not produce promising results for identifying DDoS attacks. At the moment, existing research on forecasting DDoS attacks has yielded a variety of unexpected predictions utilising machine learning (ML) classifiers and conventional approaches for feature encoding. These previous efforts also made use of deep neural networks to extract features without having to maintain the track of the sequence information. The current work suggests predicting DDoS attacks using a hybrid deep learning (DL) model, namely a CNN with BiLSTM (bidirectional long/short-term memory), in order to effectively anticipate DDoS attacks using benchmark data. By ranking and choosing features that scored the highest in the provided data set, only the most pertinent features were picked. Experiment findings demonstrate that the proposed CNN-BI-LSTM attained an accuracy of up to 94.52 percent using the data set CIC-DDoS2019 during training, testing, and validation.

Duy-Cat Can,Hoang-Quynh Le,Quang-Thuy Ha

DOI: https://doi.org/10.1007/978-3-030-73280-6_31

2021-01-01

Abstract:With the development of technology, the highly accessible internet service is the biggest demand for most people. Online network, however, has been suffering from malicious attempts to disrupt essential web technologies, resulting in service failures. In this work, we introduced a model to detect and classify Distributed Denial of Service attacks based on neural networks that take advantage of a proposed automatic feature selection component. The experimental results on CIC-DDoS 2019 dataset have demonstrated that our proposed model outperformed other machine learning-based model by large margin. We also investigated the effectiveness of weighted loss and hinge loss on handling the class imbalance problem.

Kun Wang,Yu Fu,Xueyuan Duan,Taotao Liu

DOI: https://doi.org/10.1038/s41598-024-66907-z

2024-07-16

Abstract:Due to the large computational overhead, underutilization of features, and high bandwidth consumption in traditional SDN environments for DDoS attack detection and mitigation methods, this paper proposes a two-stage detection and mitigation method for DDoS attacks in SDN based on multi-dimensional characteristics. Firstly, an analysis of the traffic statistics from the SDN switch ports is performed, which aids in conducting a coarse-grained detection of DDoS attacks within the network. Subsequently, a Multi-Dimensional Deep Convolutional Classifier (MDDCC) is constructed using wavelet decomposition and convolutional neural networks to extract multi-dimensional characteristics from the traffic data passing through suspicious switches. Based on these extracted multi-dimensional characteristics, a simple classifier can be employed to accurately detect attack samples. Finally, by integrating graph theory with restrictive strategies, the source of attacks in SDN networks can be effectively traced and isolated. The experimental results indicate that the proposed method, which utilizes a minimal amount of statistical information, can quickly and accurately detect attacks within the SDN network. It demonstrates superior accuracy and generalization capabilities compared to traditional detection methods, especially when tested on both simulated and public datasets. Furthermore, by isolating the affected nodes, the method effectively mitigates the impact of the attacks, ensuring the normal transmission of legitimate traffic during network attacks. This approach not only enhances the detection capabilities but also provides a robust mechanism for containing the spread of cyber threats, thereby safeguarding the integrity and performance of the network.

Ashfaq Ahmad Najar,Manohar Naik Sugali,Faisal Rasheed Lone,Azra Nazir

DOI: https://doi.org/10.1002/cpe.8157

2024-06-04

Concurrency and Computation Practice and Experience

Abstract:Summary Among the recent network security issues, Distributed Denial of Service (DDoS) attack is one of the most dangerous threats in today's cyberspace that can disrupt essential services. These attacks compromise network security by flooding the target with malicious traffic. Several researchers have designed effective DDoS detection mechanisms using machine learning (ML) and deep learning (DL)‐based techniques. However, existing detection approaches paid less attention to issues such as class imbalance, multi‐classification, or computational cost of the models, especially time. In this study, we propose a novel framework for detecting and classifying DDoS attacks with high accuracy and low computational cost. To address the class imbalance, we employ random sampling, while feature selection techniques such as low information gain, quasi‐constant elimination, and principal component analysis are utilized for optimal feature selection and reduction. Our proposed CNN‐based model achieves outstanding performance, boasting an accuracy of 99.99% for binary classification and 98.44% for multi‐classification. The proposed model is compared to existing works and baseline line models and found to be effective in binary and multi‐classification.

computer science, theory & methods, software engineering

Muhammad Aamir,Syed Mustafa Ali Zaidi

DOI: https://doi.org/10.1007/s10207-019-00434-1

2019-04-11

International Journal of Information Security

Abstract:This paper applies an organized flow of feature engineering and machine learning to detect distributed denial-of-service (DDoS) attacks. Feature engineering has a focus to obtain the datasets of different dimensions with significant features, using feature selection methods of backward elimination, chi2, and information gain scores. Different supervised machine learning models are applied on the feature-engineered datasets to demonstrate the adaptability of datasets for machine learning under optimal tuning of parameters within given sets of values. The results show that substantial feature reduction is possible to make DDoS detection faster and optimized with minimal performance hit. The paper proposes a strategic-level framework which incorporates the necessary elements of feature engineering and machine learning with a defined flow of experimentation. The models are also validated with cross-validation and evaluated for area-under-curve analyses. It provides comprehensive solutions which can be trusted to avoid the overfitting and collinearity problems of data while detecting DDoS attacks. In the case study of DDoS datasets, K-nearest neighbors algorithm overall exhibits the best performance followed by support vector machine, whereas low-dimensional datasets of discrete feature types perform better under the Random Forest model as compared to high dimensions with numerical features. The accuracy scores of dataset with the lowest number of features remain competitive with other datasets under all machine learning models, leading to a substantially reduced processing overhead. The experiments show that approximately 68% reduction in the feature space is possible with an impact of only about 0.03% on accuracy.

computer science, information systems, theory & methods, software engineering