Telecom service providers operate and control complex network infrastructurernused for data transmission. However, security issues have been among the mostrnserious problems for service providers in general and ethio telecom in particularly.rnOne of the main security problems that become the hardest and most seriousrnthreat is called Distributed Denial of Service (DDoS) attacks speciï¬cally Synchronizern(SYN) ï¬‚ood attack. Nowadays, different researchers to detect and preventrnSYN ï¬‚ood attack recommended several statistical detection methods. However,rndue to the dynamic behavior of attack has been challenged to detect using existingrndetection approaches.rnThis research focused on the performance evaluation classiï¬cation machine learningrn(ML) algorithms for detection SYN ï¬‚ood attack. The classiï¬cation modelsrntrained and tested with packet captured (PCAP) dataset has been used and gatheredrnfrom ethio telecom network by generated and captured using Hping3rnandrnWireshark tools respectively. This dataset has been further preprocessed and evaluatedrnusing four classiï¬cation ML algorithms and three training approaches. Thernimplementation has been performed using WEKA (Waikato Environment for KnowledgernAnalysis) data mining tool.rnThe experimental results show J48 algorithm performs with 98.57% of accuracyrnand AdaBoost, NaÃ¯ve Bayes and ANN algorithms with 98.52%, 95.31% and 94.85%rnof accuracy respectively. The ï¬rst reason was that the J48 algorithm is more efï¬cientrnthan the other algorithms; it has been used as a pruning technique in orderrnto reduce the complexity of the ï¬nal classiï¬er and to prevent over ï¬tting the data.rnThe second reason was the ability to learn mechanisms. Therefore, based on thernperformance evaluation result model with J48 algorithm has been recommendedrnfor SYN attack detection.