Feature Selection for Robust Spoofing Detection: A Chi-Square-based Machine Learning Approach
Qais Al-Na’amneh, Mohammad Aljaidi, Hasan Gharaibeh, Ahmad Nasayreh, Rabia Emhamed Al Mamlook, Sattam Almatarneh, Dalia Alzu’bi, Abla Suliman Husien
Abstract
Nowadays, the Internet of Things (IoT) system is vulnerable to spoofing attacks that can easily where attackers can easily pose as a legal entity of the network. A “spoofing attack” refers to a type of cyber-attack when an attacker purposefully impersonates or masquerades as someone or something else to deceive the target or obtain unauthorized access to systems, information, or resources. In such attacks, the attacker alters their name, IP address, or other attributes to fool the victim into thinking they are engaging with a legitimate entity. Spoofing attacks can take place via a variety of channels, including, ARP and DNS spoofing. Therefore. Spoofing attacks can have serious consequences. We proposed a new approach based on three machine learning models LightGBM, Gradient Boost, and XGBoost to classify attacks on spoofing, we used Chi-square to select the best features to get the highest performance, and we demonstrated that the results using Chi-square achieved higher results than without Chi-square and improved the result with a rate three percent of accuracy. In terms of results, LightGBM outperformed other models by achieving 89%, 91 %, 87 %, and 89 % for accuracy, precision, recall, and f1-score, respectively. This shows the potential and efficiency of Chi-square to achieve the best performance by selecting the best features, thus providing a secure system and identifying cyber-attacks on systems.