Deep Learning with an LSTM-Based Defence Mechanism for DDoS Attacks in WSNs

DDoS (Distributed Denial of Service) attacks have become a pressing threat to the security and integrity of computer networks and information systems, which are indispensable infrastructures of modern times. The detection of DDoS attacks is a challenging issue before any mitigation measures can be taken. ML/DL (Machine Learning/Deep Learning) has been applied to the detection of DDoS attacks with satisfactory achievement. However, full-scale success is still beyond reach due to an inherent problem with ML/DL-based systems—the so-called Open Set Recognition (OSR) problem. This is a problem where an ML/DL-based system fails to deal with new instances not drawn from the distribution model of the training data. This problem is particularly profound in detecting DDoS attacks since DDoS attacks’ technology keeps evolving and has changing traffic characteristics. This study investigates the impact of the OSR problem on the detection of DDoS attacks. In response to this problem, we propose a new DDoS detection framework featuring Bi-Directional Long Short-Term Memory (BI-LSTM), a Gaussian Mixture Model (GMM), and incremental learning. Unknown traffic captured by the GMM are subject to discrimination and labeling by traffic engineers, and then fed back to the framework as additional training samples. Using the data sets CIC-IDS2017 and CIC-DDoS2019 for training, testing, and evaluation, experiment results show that the proposed BI-LSTM-GMM can achieve recall, precision, and accuracy up to 94%. Experiments reveal that the proposed framework can be a promising solution to the detection of unknown DDoS attacks.

Download Full-text

A Review of Deep Learning IDS for DDoS Attacks in WLANs

10.1145/3484824.3484897 ◽

2021 ◽

Author(s):

Julius Silaa ◽

Hippolyte Muyingi ◽

Attlee Gamundani

Keyword(s):

Deep Learning ◽

Ddos Attacks

Download Full-text

An Efficient Method for Detection of DDoS Attacks on the Web Using Deep Learning Algorithms

International Journal of Advanced Trends in Computer Science and Engineering ◽

10.30534/ijatcse/2021/271042021 ◽

2021 ◽

Vol 10 (4) ◽

pp. 2821-2829

Keyword(s):

Neural Network ◽

Deep Learning ◽

Deep Neural Network ◽

State Of The Art ◽

Ddos Attacks ◽

Problem Statement ◽

Neural Network Approach ◽

Learning Techniques ◽

Attack Data ◽

Deep Learning Neural Network

Recently, DDoS attacks is the most significant threat in network security. Both industry and academia are currently debating how to detect and protect against DDoS attacks. Many studies are provided to detect these types of attacks. Deep learning techniques are the most suitable and efficient algorithm for categorizing normal and attack data. Hence, a deep neural network approach is proposed in this study to mitigate DDoS attacks effectively. We used a deep learning neural network to identify and classify traffic as benign or one of four different DDoS attacks. We will concentrate on four different DDoS types: Slowloris, Slowhttptest, DDoS Hulk, and GoldenEye. The rest of the paper is organized as follow: Firstly, we introduce the work, Section 2 defines the related works, Section 3 presents the problem statement, Section 4 describes the proposed methodology, Section 5 illustrate the results of the proposed methodology and shows how the proposed methodology outperforms state-of-the-art work and finally Section VI concludes the paper.

Download Full-text

Towards Effective Detection of Recent DDoS Attacks: A Deep Learning Approach

Security and Communication Networks ◽

10.1155/2021/5710028 ◽

2021 ◽

Vol 2021 ◽

pp. 1-14

Author(s):

Ivandro Ortet Lopes ◽

Deqing Zou ◽

Francis A Ruambo ◽

Saeed Akbar ◽

Bin Yuan

Keyword(s):

Deep Learning ◽

Intrusion Detection System ◽

State Of The Art ◽

Detection System ◽

Denial Of Service ◽

Model Performance ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Validation Metrics ◽

High Processing

Distributed Denial of Service (DDoS) is a predominant threat to the availability of online services due to their size and frequency. However, developing an effective security mechanism to protect a network from this threat is a big challenge because DDoS uses various attack approaches coupled with several possible combinations. Furthermore, most of the existing deep learning- (DL-) based models pose a high processing overhead or may not perform well to detect the recently reported DDoS attacks as these models use outdated datasets for training and evaluation. To address the issues mentioned earlier, we propose CyDDoS, an integrated intrusion detection system (IDS) framework, which combines an ensemble of feature engineering algorithms with the deep neural network. The ensemble feature selection is based on five machine learning classifiers used to identify and extract the most relevant features used by the predictive model. This approach improves the model performance by processing only a subset of relevant features while reducing the computation requirement. We evaluate the model performance based on CICDDoS2019, a modern and realistic dataset consisting of normal and DDoS attack traffic. The evaluation considers different validation metrics such as accuracy, precision, F1-Score, and recall to argue the effectiveness of the proposed framework against state-of-the-art IDSs.

Download Full-text

Detection of Unknown DDoS Attacks with Deep Learning and Gaussian Mixture Model

10.1109/icict52872.2021.00012 ◽

2021 ◽

Author(s):

Thanh-Tuan Nguyen ◽

Chin-Shiuh Shieh ◽

Chi-Hong Chen ◽

Denis Miu

Keyword(s):

Deep Learning ◽

Gaussian Mixture Model ◽

Mixture Model ◽

Gaussian Mixture ◽

Ddos Attacks

Download Full-text

A Deep Learning Approach for Detection of Application Layer Attacks in Internet

Handling Priority Inversion in Time-Constrained Distributed Databases - Advances in Data Mining and Database Management ◽

10.4018/978-1-7998-2491-6.ch010 ◽

2020 ◽

pp. 175-188

Author(s):

V. Punitha ◽

C. Mala

Keyword(s):

Deep Learning ◽

Transport Layer ◽

Classification Model ◽

Learning Approach ◽

Ddos Attacks ◽

Application Layer ◽

Learning Models ◽

Technological Transformation ◽

Application Deployment ◽

Machine Learning Models

The recent technological transformation in application deployment, with the enriched availability of applications, induces the attackers to shift the target of the attack to the services provided by the application layer. Application layer DoS or DDoS attacks are launched only after establishing the connection to the server. They are stealthier than network or transport layer attacks. The existing defence mechanisms are unproductive in detecting application layer DoS or DDoS attacks. Hence, this chapter proposes a novel deep learning classification model using an autoencoder to detect application layer DDoS attacks by measuring the deviations in the incoming network traffic. The experimental results show that the proposed deep autoencoder model detects application layer attacks in HTTP traffic more proficiently than existing machine learning models.

Download Full-text

Adaptive Anomaly Detection Framework Model Objects in Cyberspace

Applied Bionics and Biomechanics ◽

10.1155/2020/6660489 ◽

2020 ◽

Vol 2020 ◽

pp. 1-14

Author(s):

Hasan Alkahtani ◽

Theyazn H. H. Aldhyani ◽

Mohammed Al-Yaari

Keyword(s):

Machine Learning ◽

Deep Learning ◽

Network Security ◽

Anomaly Detection ◽

Denial Of Service ◽

Learning Algorithms ◽

Machine Learning Algorithms ◽

Support Vector ◽

Ddos Attacks ◽

Framework Model

Telecommunication has registered strong and rapid growth in the past decade. Accordingly, the monitoring of computers and networks is too complicated for network administrators. Hence, network security represents one of the biggest serious challenges that can be faced by network security communities. Taking into consideration the fact that e-banking, e-commerce, and business data will be shared on the computer network, these data may face a threat from intrusion. The purpose of this research is to propose a methodology that will lead to a high level and sustainable protection against cyberattacks. In particular, an adaptive anomaly detection framework model was developed using deep and machine learning algorithms to manage automatically-configured application-level firewalls. The standard network datasets were used to evaluate the proposed model which is designed for improving the cybersecurity system. The deep learning based on Long-Short Term Memory Recurrent Neural Network (LSTM-RNN) and machine learning algorithms namely Support Vector Machine (SVM), K-Nearest Neighbor (K-NN) algorithms were implemented to classify the Denial-of-Service attack (DoS) and Distributed Denial-of-Service (DDoS) attacks. The information gain method was applied to select the relevant features from the network dataset. These network features were significant to improve the classification algorithm. The system was used to classify DoS and DDoS attacks in four stand datasets namely KDD cup 199, NSL-KDD, ISCX, and ICI-ID2017. The empirical results indicate that the deep learning based on the LSTM-RNN algorithm has obtained the highest accuracy. The proposed system based on the LSTM-RNN algorithm produced the highest testing accuracy rate of 99.51% and 99.91% with respect to KDD Cup’99, NSL-KDD, ISCX, and ICI-Id2017 datasets, respectively. A comparative result analysis between the machine learning algorithms, namely SVM and KNN, and the deep learning algorithms based on the LSTM-RNN model is presented. Finally, it is concluded that the LSTM-RNN model is efficient and effective to improve the cybersecurity system for detecting anomaly-based cybersecurity.

Download Full-text

An effective defence mechanism for Distributed Denial-of-Service (DDoS) attacks using router-based techniques

International Journal of Critical Infrastructures ◽

10.1504/ijcis.2010.029577 ◽

2010 ◽

Vol 6 (1) ◽

pp. 73

Author(s):

Saravanan Kumarasamy

Keyword(s):

Denial Of Service ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Defence Mechanism

Download Full-text

Detecting Domain Generation Algorithms to prevent DDoS attacks using Deep Learning

2019 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS) ◽

10.1109/ants47819.2019.9118156 ◽

2019 ◽

Author(s):

Subham Kumar ◽

Ashutosh Bhatia

Keyword(s):

Deep Learning ◽

Ddos Attacks

Download Full-text

Deep Learning Method for Prediction of DDoS Attacks on Social Media

Advances in Data Science and Adaptive Analysis ◽

10.1142/s2424922x19500025 ◽

2019 ◽

Vol 11 (01n02) ◽

pp. 1950002

Author(s):

Rasim M. Alguliyev ◽

Ramiz M. Aliguliyev ◽

Fargana J. Abdullayeva

Keyword(s):

Social Media ◽

Deep Learning ◽

Social Networking ◽

Cyber Attacks ◽

Test Accuracy ◽

Learning Method ◽

Ddos Attacks ◽

Twitter Data ◽

Social Events

Recently, data collected from social media enable to analyze social events and make predictions about real events, based on the analysis of sentiments and opinions of users. Most cyber-attacks are carried out by hackers on the basis of discussions on social media. This paper proposes the method that predicts DDoS attacks occurrence by finding relevant texts in social media. To perform high-precision classification of texts to positive and negative classes, the CNN model with 13 layers and improved LSTM method are used. In order to predict the occurrence of the DDoS attacks in the next day, the negative and positive sentiments in social networking texts are used. To evaluate the efficiency of the proposed method experiments were conducted on Twitter data. The proposed method achieved a recall, precision, [Formula: see text]-measure, training loss, training accuracy, testing loss, and test accuracy of 0.85, 0.89, 0.87, 0.09, 0.78, 0.13, and 0.77, respectively.

Download Full-text