DDoS Detection Using Information Gain Feature Selection and Random Forest Classifier | IEEE Conference Publication | IEEE Xplore

Abstract:

Advances in technology and the rapid development of the internet have created more opportunities for hackers to obtain information and data, creating the need to protect more and more information and data. Network vulnerabilities are also caused by more open knowledge of hacking. Distributed denial of service (DDoS) is an attack in which multiple attackers flood a server with packets, keeping the server busy processing many packet requests and slowing down the server's performance. A lot of research has been done to detect DDoS attacks. However, that research still uses older datasets that do not track the evolution of DDoS attack trends. This study provides a classification of the CICIDS2018 DDoS attack record. The extracted dataset also requires feature selection to reduce training time and so increase the efficiency of the classification algorithms. In this study, we use the information gain method to perform feature selection in order to search for features that have a large impact on whether an outgoing packet is a DDoS attack. A random forest method is used to create the predictive model. Performing feature selection on the CICIDS2018 dataset using the information gain method yielded nine best features, including src_ip, dst_ip, flow_duration, flow_iat_max, fwd_iat_max, and bwd_iat_tot. Based on validation analysis, the accuracy of DDoS attack detection without and with the tuning process is 93% and 97.2%, respectively.
Date of Conference: 15-16 December 2022
Date Added to IEEE Xplore: 08 February 2023
Conference Location: Bandung, Indonesia
