Penerapan Algoritma Random Forest dan Support Vector Machine Untuk Deteksi Distributed Denial of Service

Distributed Denial of Service (DDoS) attacks significantly threaten the availability of modern network services by overwhelming resources with malicious traffic. The increasing complexity of these attacks, including multi-vector and low-rate variants, reduces the effectiveness of traditional detection methods based on signatures and static rules. This study explores the effectiveness of Random Forest (RF) and Support Vector Machine (SVM) algorithms in detecting DDoS attacks using the CICDDoS2019 dataset, focusing on the impact of various decision threshold values on performance. The CICDDoS2019 dataset consists of 431,371 network traffic flows with 80 numerical features. Preprocessing involves eliminating null values, standardizing numerical attributes, and encoding labels into binary classifications of normal and DDoS traffic. The dataset is then divided into training and testing sets at a 70:30 ratio. Performance evaluation is done using a confusion matrix to calculate accuracy, precision, recall, and F1-score. Results show that both algorithms perform well, but Random Forest offers greater consistency, with a threshold of 0.5 achieving the best balance in metrics.