Cross-Dataset DDoS Intrusion Detection Using Hybrid Welch-Point-Biserial Feature Selection and DenseMLP

Abstract
Distributed Denial-of-Service (DDoS) attacks are one of the major threats in the cybersecurity domain. Lightweight feature selection is vital for improving DDoS attack detection efficiency and computational efficiency by selecting the most relevant features. Recently, numerous machine learning and deep learning models have been developed to detect various types of DDoS attacks; however, their performance is often hindered by the presence of irrelevant features, which can lead to increased false positives and longer processing times. To address this problem, we propose the WPBS-MLP Intrusion Detection System (IDS). The WPBS (Welch’s t-Test and Point Biserial Test) feature selection method is integrated with an optimized MLP classifier to detect DDoS attacks. It was evaluated on the CICDDoS2019, CICIDS2018, and CICIDS2017 publicly available intrusion detection datasets. The WPBS method selected 39 significant features from the CICDDoS2019 dataset, and these 39 features are retained and considered for experimentation w.r.t all datasets. The DenseMLP model achieved a range of 99.59% to 100% accuracy for binary classification and 84% to 100% accuracy for low-rate and high-rate attack detection across the three datasets. Further, the Wilcoxon statistical test provided validation evidence that the proposed WPBS-MLP-based IDS model showed superior performance compared to the existing research studies.
© 2026 Raghupathi Manthena, Radhakrishna Vangipuram, published by Bulgarian Academy of Sciences, Institute of Information and Communication Technologies
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License.