DDoS intrusion detection through ensemble and evolutionary methods

  • Michael Milliken

Student thesis: Doctoral Thesis


echnology is embedded in society. Systems/networks protection is paramount, vigilance against intrusions/attacks set to disrupt. Distributed Denial of Service (DDoS) attacks are increasingly commonplace in news and public consciousness. Research on feature selections requires effort and time, and has not been seen to explicitly infer relationships between features by default. Such an approach may allow for a data agnostic approach requiring fewer efforts/resources while improving results. Stacking and other ensemble methods in Network Intrusion domain has not been seen to use large disparate sets of Base Level Classifiers (BLC). How well a large set may perform across a number of more recent datasets is worth exploration. With a large set of BLCs, it is found that less than the full set performs better, and large sets may be resource intensive. Method of exploring the best performing subset requires consideration given the large problem space. First study focuses on IP/Port explicit pairings, a data agnostic approach declaring direct relationships for some key attributes. Pairings show improved detections, on all features and subsets. Second study focuses on individual algorithms and their ensemble, determining how well individuals and the large size ensemble performs in Network Intrusion Detection domain. Limitations of large ensembles are exposed. Third study explores evolving second study ensembles determining those that may outperform both full and previous ensembles, leading to a natural improvement of results through this evolution where small sets are found to be Pareto Optimal (PO). The thesis proposes allow resource approach for feature selection, reveals limitations of large BLC sets for stacking in Network Intrusion Detection (NID) and how unseen ensembles in the domain may be evolved. Overall, further exploration of diverse sets of BLCs for Stacking is encouraged to further explore PO ensembles.
Date of AwardFeb 2023
Original languageEnglish
SponsorsDepartment of Education and Learning (DEL)
SupervisorGlenn Hawe (Supervisor), Yaxin Bi (Supervisor) & Leo Galway (Supervisor)


  • Network security
  • Machine learning

Cite this