Preventing Data Leakage Risks from DDoS and Phishing Attacks using Random Forest Algorithm
Venkateswarlu Kajjam, K. Shivakumar, 3 Authors, Santhosh Kumar Medishetti
TLDR
The RF model is not only far superior to both baselines but also surpasses the first in accuracy, at 98%, and in TPR, which approaches 99%, while keeping the FPR low.
Abstract
Data leakage resulting from Distributed Denial of Service (DDoS) and phishing attacks poses a critical threat to the confidentiality, integrity, and availability of information systems. Traditional detection mechanisms such as signature-based systems and single-classifier machine learning models often struggle to detect novel or polymorphic attacks and suffer from high false positive rates. To stop data leakage effectively, this research proposes a Random Forest (RF) based machine learning framework that detects DDoS and phishing attacks early and accurately, without any failure in the detection process. The model is trained on a mixed dataset that includes network-level and URL-based phishing features, and is validated using six fundamental performance measures: accuracy, TPR, FPR, precision, recall, and F1-score. Simulations are run in the NS3 network simulator, and the proposed RF model is compared with SVM and SNORT. The experimental results show that the RF model is not only far superior to both baselines but also surpasses the first in accuracy, at 98%, and in TPR, which approaches 99%, while keeping the FPR low. These results suggest that the presented method will provide a viable and scalable solution for a multi-vector, real-time intrusion detection system that can add protection by identifying the intrusions that cause data leakage in modern networks.
