scholarly journals Efficient Detection of DDoS Attacks Using a Hybrid Deep Learning Model with Improved Feature Selection

2021 ◽  
Vol 11 (24) ◽  
pp. 11634
Author(s):  
Daniyal Alghazzawi ◽  
Omaima Bamasaq ◽  
Hayat Ullah ◽  
Muhamad Zubair Asghar
Keyword(s):  
Machine Learning ◽  
Feature Selection ◽  
Deep Learning ◽  
Short Term Memory ◽  
Denial Of Service ◽  
Mitigation Strategies ◽  
Sequence Information ◽  
Ddos Attacks ◽  
Data Set ◽  
Efficient Detection

DDoS (Distributed Denial of Service) attacks have now become a serious risk to the integrity and confidentiality of computer networks and systems, which are essential assets in today’s world. Detecting DDoS attacks is a difficult task that must be accomplished before any mitigation strategies can be used. The identification of DDoS attacks has already been successfully implemented using machine learning/deep learning (ML/DL). However, due to an inherent limitation of ML/DL frameworks—so-called optimal feature selection—complete accomplishment is likewise out of reach. This is a case in which a machine learning/deep learning-based system does not produce promising results for identifying DDoS attacks. At the moment, existing research on forecasting DDoS attacks has yielded a variety of unexpected predictions utilising machine learning (ML) classifiers and conventional approaches for feature encoding. These previous efforts also made use of deep neural networks to extract features without having to maintain the track of the sequence information. The current work suggests predicting DDoS attacks using a hybrid deep learning (DL) model, namely a CNN with BiLSTM (bidirectional long/short-term memory), in order to effectively anticipate DDoS attacks using benchmark data. By ranking and choosing features that scored the highest in the provided data set, only the most pertinent features were picked. Experiment findings demonstrate that the proposed CNN-BI-LSTM attained an accuracy of up to 94.52 percent using the data set CIC-DDoS2019 during training, testing, and validation.

Mitigating DDoS Attacks in Wireless Sensor Networks using Heuristic Feature Selection with Deep Learning Model

2019 ◽  
pp. 65-74
Author(s):  
Abdul Rahaman Wahab Sait ◽  
◽  
Irina Pustokhina ◽  
M. Ilayaraja ◽  
◽  
...  
Keyword(s):  
Feature Selection ◽  
Deep Learning ◽  
Short Term Memory ◽  
Denial Of Service ◽  
Fruit Fly ◽  
Attack Detection ◽  
Classification Model ◽  
Wireless Sensor ◽  
Ddos Attacks ◽  
Ddos Attack

A wireless sensor network (WSN) encompasses a massive set of sensors with limited abilities for gathering sensitive data. Since security is a significant issue in WSN, there is a possibility of different types of attacks. In Distributed Denial of Service (DDOS) attack, the malicious node can adapt to several attacks, namely flooding, black hole, warm hole, etc., to interrupt the working of the WSN. The recently developed deep learning (DL) models can effectively detect DDoS attacks in the network. Therefore, this article proposes a heuristic feature selection with a Deep Learning-based DDoS (HFSDL-DDoS) attack detection model in WSN. The proposed HFSDL-DDoS technique intends to identify and categorize the occurrence of DDoS attacks in WSN. In addition, the HFSDL-DDoS technique involves the immune clonal genetic algorithm (ICGA) based feature selection (FS) approach to improve the detection performance. Moreover, a fruit fly algorithm (FFA) with bidirectional long, short-term memory (BiLSTM) based classification model is employed. The experimental analysis of the HFSDL-DDoS technique is performed, and the results are examined interms of several performance measures. The resultant experimental results pointed out the betterment of the HFSDL-DDoS technique over the other techniques.

scholarly journals Adaptive Anomaly Detection Framework Model Objects in Cyberspace

2020 ◽  
Vol 2020 ◽  
pp. 1-14
Author(s):  
Hasan Alkahtani ◽  
Theyazn H. H. Aldhyani ◽  
Mohammed Al-Yaari
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Network Security ◽  
Anomaly Detection ◽  
Denial Of Service ◽  
Learning Algorithms ◽  
Machine Learning Algorithms ◽  
Support Vector ◽  
Ddos Attacks ◽  
Framework Model

Telecommunication has registered strong and rapid growth in the past decade. Accordingly, the monitoring of computers and networks is too complicated for network administrators. Hence, network security represents one of the biggest serious challenges that can be faced by network security communities. Taking into consideration the fact that e-banking, e-commerce, and business data will be shared on the computer network, these data may face a threat from intrusion. The purpose of this research is to propose a methodology that will lead to a high level and sustainable protection against cyberattacks. In particular, an adaptive anomaly detection framework model was developed using deep and machine learning algorithms to manage automatically-configured application-level firewalls. The standard network datasets were used to evaluate the proposed model which is designed for improving the cybersecurity system. The deep learning based on Long-Short Term Memory Recurrent Neural Network (LSTM-RNN) and machine learning algorithms namely Support Vector Machine (SVM), K-Nearest Neighbor (K-NN) algorithms were implemented to classify the Denial-of-Service attack (DoS) and Distributed Denial-of-Service (DDoS) attacks. The information gain method was applied to select the relevant features from the network dataset. These network features were significant to improve the classification algorithm. The system was used to classify DoS and DDoS attacks in four stand datasets namely KDD cup 199, NSL-KDD, ISCX, and ICI-ID2017. The empirical results indicate that the deep learning based on the LSTM-RNN algorithm has obtained the highest accuracy. The proposed system based on the LSTM-RNN algorithm produced the highest testing accuracy rate of 99.51% and 99.91% with respect to KDD Cup’99, NSL-KDD, ISCX, and ICI-Id2017 datasets, respectively. A comparative result analysis between the machine learning algorithms, namely SVM and KNN, and the deep learning algorithms based on the LSTM-RNN model is presented. Finally, it is concluded that the LSTM-RNN model is efficient and effective to improve the cybersecurity system for detecting anomaly-based cybersecurity.

scholarly journals DDoS attack detection using deep learning

2021 ◽  
Vol 10 (2) ◽  
pp. 382
Author(s):  
Thapanarath Khempetch ◽  
Pongpisit Wuttidittachotti
Keyword(s):  
Deep Learning ◽  
Short Term Memory ◽  
Denial Of Service ◽  
Attack Detection ◽  
Ddos Attacks ◽  
Ddos Attack ◽  
Attack Surface ◽  
Iot Devices ◽  
Ddos Attack Detection ◽  
Flow Of Information

<span id="docs-internal-guid-58e12f40-7fff-ea30-01f6-fbbed132b03c"><span>Nowadays, IoT devices are widely used both in daily life and in corporate and industrial environments. The use of these devices has increased dramatically and by 2030 it is estimated that their usage will rise to 125 billion devices causing enormous flow of information. It is likely that it will also increase distributed denial-of-service (DDoS) attack surface. As IoT devices have limited resources, it is impossible to add additional security structures to it. Therefore, the risk of DDoS attacks by malicious people who can take control of IoT devices, remain extremely high. In this paper, we use the CICDDoS2019 dataset as a dataset that has improved the bugs and introducing a new taxonomy for DDoS attacks, including new classification based on flows network. We propose DDoS attack detection using the deep neural network (DNN) and long short-term memory (LSTM) algorithm. Our results show that it can detect more than 99.90% of all three types of DDoS attacks. The results indicate that deep learning is another option for detecting attacks that may cause disruptions in the future.</span></span>

scholarly journals Machine Learning Classifiers for Twitter Surveillance of Vaping: Comparative Machine Learning Study

10.2196/17478 ◽  
2020 ◽  
Vol 22 (8) ◽  
pp. e17478 ◽  
Author(s):  
Shyam Visweswaran ◽  
Jason B Colditz ◽  
Patrick O’Halloran ◽  
Na-Rae Han ◽  
Sanya B Taneja ◽  
...  
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Surveillance System ◽  
Short Term Memory ◽  
Characteristic Curve ◽  
Superior Performance ◽  
Support Vector ◽  
Data Set ◽  
Machine Learning Classifiers ◽  
Learning Classifiers

Background Twitter presents a valuable and relevant social media platform to study the prevalence of information and sentiment on vaping that may be useful for public health surveillance. Machine learning classifiers that identify vaping-relevant tweets and characterize sentiments in them can underpin a Twitter-based vaping surveillance system. Compared with traditional machine learning classifiers that are reliant on annotations that are expensive to obtain, deep learning classifiers offer the advantage of requiring fewer annotated tweets by leveraging the large numbers of readily available unannotated tweets. Objective This study aims to derive and evaluate traditional and deep learning classifiers that can identify tweets relevant to vaping, tweets of a commercial nature, and tweets with provape sentiments. Methods We continuously collected tweets that matched vaping-related keywords over 2 months from August 2018 to October 2018. From this data set of tweets, a set of 4000 tweets was selected, and each tweet was manually annotated for relevance (vape relevant or not), commercial nature (commercial or not), and sentiment (provape or not). Using the annotated data, we derived traditional classifiers that included logistic regression, random forest, linear support vector machine, and multinomial naive Bayes. In addition, using the annotated data set and a larger unannotated data set of tweets, we derived deep learning classifiers that included a convolutional neural network (CNN), long short-term memory (LSTM) network, LSTM-CNN network, and bidirectional LSTM (BiLSTM) network. The unannotated tweet data were used to derive word vectors that deep learning classifiers can leverage to improve performance. Results LSTM-CNN performed the best with the highest area under the receiver operating characteristic curve (AUC) of 0.96 (95% CI 0.93-0.98) for relevance, all deep learning classifiers including LSTM-CNN performed better than the traditional classifiers with an AUC of 0.99 (95% CI 0.98-0.99) for distinguishing commercial from noncommercial tweets, and BiLSTM performed the best with an AUC of 0.83 (95% CI 0.78-0.89) for provape sentiment. Overall, LSTM-CNN performed the best across all 3 classification tasks. Conclusions We derived and evaluated traditional machine learning and deep learning classifiers to identify vaping-related relevant, commercial, and provape tweets. Overall, deep learning classifiers such as LSTM-CNN had superior performance and had the added advantage of requiring no preprocessing. The performance of these classifiers supports the development of a vaping surveillance system.

scholarly journals Detecting DDoS Attacks in Software-Defined Networks Through Feature Selection Methods and Machine Learning Models

2020 ◽  
Vol 12 (3) ◽  
pp. 1035 ◽  
Author(s):  
Huseyin Polat ◽  
Onur Polat ◽  
Aydin Cetin
Keyword(s):  
Machine Learning ◽  
Feature Selection ◽  
Denial Of Service ◽  
Attack Detection ◽  
Critical Threshold ◽  
Support Vector ◽  
Ddos Attacks ◽  
Selection Methods ◽  
Training Time ◽  
Ddos Attack

Software Defined Networking (SDN) offers several advantages such as manageability, scaling, and improved performance. However, SDN involves specific security problems, especially if its controller is defenseless against Distributed Denial of Service (DDoS) attacks. The process and communication capacity of the controller is overloaded when DDoS attacks occur against the SDN controller. Consequently, as a result of the unnecessary flow produced by the controller for the attack packets, the capacity of the switch flow table becomes full, leading the network performance to decline to a critical threshold. In this study, DDoS attacks in SDN were detected using machine learning-based models. First, specific features were obtained from SDN for the dataset in normal conditions and under DDoS attack traffic. Then, a new dataset was created using feature selection methods on the existing dataset. Feature selection methods were preferred to simplify the models, facilitate their interpretation, and provide a shorter training time. Both datasets, created with and without feature selection methods, were trained and tested with Support Vector Machine (SVM), Naive Bayes (NB), Artificial Neural Network (ANN), and K-Nearest Neighbors (KNN) classification models. The test results showed that the use of the wrapper feature selection with a KNN classifier achieved the highest accuracy rate (98.3%) in DDoS attack detection. The results suggest that machine learning and feature selection algorithms can achieve better results in the detection of DDoS attacks in SDN with promising reductions in processing loads and times.

scholarly journals Detection of Adversarial DDoS Attacks Using Generative Adversarial Networks with Dual Discriminators

Symmetry ◽  
2022 ◽  
Vol 14 (1) ◽  
pp. 66
Author(s):  
Chin-Shiuh Shieh ◽  
Thanh-Tuan Nguyen ◽  
Wan-Wei Lin ◽  
Yong-Lin Huang ◽  
Mong-Fong Horng ◽  
...  
Keyword(s):  
Machine Learning ◽  
Short Term Memory ◽  
Denial Of Service ◽  
Training Data ◽  
Generative Adversarial Networks ◽  
Ddos Attacks ◽  
Ddos Attack ◽  
Adversarial Networks ◽  
Ddos Detection ◽  
The Impact

DDoS (Distributed Denial of Service) has emerged as a serious and challenging threat to computer networks and information systems’ security and integrity. Before any remedial measures can be implemented, DDoS assaults must first be detected. DDoS attacks can be identified and characterized with satisfactory achievement employing ML (Machine Learning) and DL (Deep Learning). However, new varieties of aggression arise as the technology for DDoS attacks keep evolving. This research explores the impact of a new incarnation of DDoS attack–adversarial DDoS attack. There are established works on ML-based DDoS detection and GAN (Generative Adversarial Network) based adversarial DDoS synthesis. We confirm these findings in our experiments. Experiments in this study involve the extension and application of the GAN, a machine learning framework with symmetric form having two contending neural networks. We synthesize adversarial DDoS attacks utilizing Wasserstein Generative Adversarial Networks featuring Gradient Penalty (GP-WGAN). Experiment results indicate that the synthesized traffic can traverse the detection systems such as k-Nearest Neighbor (KNN), Multi-Layer Perceptron (MLP) and Random Forest (RF) without being identified. This observation is a sobering and pessimistic wake-up call, implying that countermeasures to adversarial DDoS attacks are urgently needed. To this problem, we propose a novel DDoS detection framework featuring GAN with Dual Discriminators (GANDD). The additional discriminator is designed to identify adversary DDoS traffic. The proposed GANDD can be an effective solution to adversarial DDoS attacks, as evidenced by the experimental results. We use adversarial DDoS traffic synthesized by GP-WGAN to train GANDD and validate it alongside three other DL technologies: DNN (Deep Neural Network), LSTM (Long Short-Term Memory) and GAN. GANDD outperformed the other DL models, demonstrating its protection with a TPR of 84.3%. A more sophisticated test was also conducted to examine GANDD’s ability to handle unseen adversarial attacks. GANDD was evaluated with adversarial traffic not generated from its training data. GANDD still proved effective with a TPR around 71.3% compared to 7.4% of LSTM.

scholarly journals Machine Learning Classifiers for Twitter Surveillance of Vaping: Comparative Machine Learning Study (Preprint)

2019 ◽  
Author(s):  
Shyam Visweswaran ◽  
Jason B Colditz ◽  
Patrick O’Halloran ◽  
Na-Rae Han ◽  
Sanya B Taneja ◽  
...  
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Surveillance System ◽  
Short Term Memory ◽  
Characteristic Curve ◽  
Superior Performance ◽  
Support Vector ◽  
Data Set ◽  
Machine Learning Classifiers ◽  
Learning Classifiers

BACKGROUND Twitter presents a valuable and relevant social media platform to study the prevalence of information and sentiment on vaping that may be useful for public health surveillance. Machine learning classifiers that identify vaping-relevant tweets and characterize sentiments in them can underpin a Twitter-based vaping surveillance system. Compared with traditional machine learning classifiers that are reliant on annotations that are expensive to obtain, deep learning classifiers offer the advantage of requiring fewer annotated tweets by leveraging the large numbers of readily available unannotated tweets. OBJECTIVE This study aims to derive and evaluate traditional and deep learning classifiers that can identify tweets relevant to vaping, tweets of a commercial nature, and tweets with provape sentiments. METHODS We continuously collected tweets that matched vaping-related keywords over 2 months from August 2018 to October 2018. From this data set of tweets, a set of 4000 tweets was selected, and each tweet was manually annotated for relevance (vape relevant or not), commercial nature (commercial or not), and sentiment (provape or not). Using the annotated data, we derived traditional classifiers that included logistic regression, random forest, linear support vector machine, and multinomial naive Bayes. In addition, using the annotated data set and a larger unannotated data set of tweets, we derived deep learning classifiers that included a convolutional neural network (CNN), long short-term memory (LSTM) network, LSTM-CNN network, and bidirectional LSTM (BiLSTM) network. The unannotated tweet data were used to derive word vectors that deep learning classifiers can leverage to improve performance. RESULTS LSTM-CNN performed the best with the highest area under the receiver operating characteristic curve (AUC) of 0.96 (95% CI 0.93-0.98) for relevance, all deep learning classifiers including LSTM-CNN performed better than the traditional classifiers with an AUC of 0.99 (95% CI 0.98-0.99) for distinguishing commercial from noncommercial tweets, and BiLSTM performed the best with an AUC of 0.83 (95% CI 0.78-0.89) for provape sentiment. Overall, LSTM-CNN performed the best across all 3 classification tasks. CONCLUSIONS We derived and evaluated traditional machine learning and deep learning classifiers to identify vaping-related relevant, commercial, and provape tweets. Overall, deep learning classifiers such as LSTM-CNN had superior performance and had the added advantage of requiring no preprocessing. The performance of these classifiers supports the development of a vaping surveillance system.

scholarly journals Software Defined Network Enabled Fog-to-Things Hybrid Deep Learning Driven Cyber Threat Detection System

2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Ihtisham Ullah ◽  
Basit Raza ◽  
Sikandar Ali ◽  
Irshad Ahmed Abbasi ◽  
Samad Baseer ◽  
...  
Keyword(s):  
Deep Learning ◽  
Short Term Memory ◽  
Detection System ◽  
Denial Of Service ◽  
Cyber Attacks ◽  
Detection Accuracy ◽  
Software Defined Network ◽  
Centralized Control ◽  
Data Set ◽  
Iot Devices

Software Defined Network (SDN) is a next-generation networking architecture and its power lies in centralized control intelligence. The control plane of SDN can be extended to many underlying networks such as fog to Internet of Things (IoT). The fog-to-IoT is currently a promising architecture to manage a real-time large amount of data. However, most of the fog-to-IoT devices are resource-constrained and devices are widespread that can be potentially targeted with cyber-attacks. The evolving cyber-attacks are still an arresting challenge in the fog-to-IoT environment such as Denial of Service (DoS), Distributed Denial of Service (DDoS), Infiltration, malware, and botnets attacks. They can target varied fog-to-IoT agents and the whole network of organizations. The authors propose a deep learning (DL) driven SDN-enabled architecture for sophisticated cyber-attacks detection in fog-to-IoT environment to identify new attacks targeting IoT devices as well as other threats. The extensive simulations have been carried out using various DL algorithms and current state-of-the-art Coburg Intrusion Detection Data Set (CIDDS-001) flow-based dataset. For better analysis five DL models are compared including constructed hybrid DL models to distinguish the DL model with the best performance. The results show that proposed Long Short-Term Memory (LSTM) hybrid model outperforms other DL models in terms of detection accuracy and response time. To show unbiased results 10-fold cross-validation is performed. The proposed framework is so effective that it can detect several types of cyber-attacks with 99.92% accuracy rate in multiclass classification.

A Deep Learning based Arabic Script Recognition System: Benchmark on KHAT

2020 ◽  
Vol 17 (3) ◽  
pp. 299-305 ◽  
Author(s):  
Riaz Ahmad ◽  
Saeeda Naz ◽  
Muhammad Afzal ◽  
Sheikh Rashid ◽  
Marcus Liwicki ◽  
...  
Keyword(s):  
Deep Learning ◽  
Character Recognition ◽  
Data Augmentation ◽  
Short Term Memory ◽  
Recognition System ◽  
Learning Approach ◽  
Arabic Text ◽  
Data Set ◽  
Processing Step ◽  
Handwritten Arabic

This paper presents a deep learning benchmark on a complex dataset known as KFUPM Handwritten Arabic TexT (KHATT). The KHATT data-set consists of complex patterns of handwritten Arabic text-lines. This paper contributes mainly in three aspects i.e., (1) pre-processing, (2) deep learning based approach, and (3) data-augmentation. The pre-processing step includes pruning of white extra spaces plus de-skewing the skewed text-lines. We deploy a deep learning approach based on Multi-Dimensional Long Short-Term Memory (MDLSTM) networks and Connectionist Temporal Classification (CTC). The MDLSTM has the advantage of scanning the Arabic text-lines in all directions (horizontal and vertical) to cover dots, diacritics, strokes and fine inflammation. The data-augmentation with a deep learning approach proves to achieve better and promising improvement in results by gaining 80.02% Character Recognition (CR) over 75.08% as baseline.

Human Activity Recognition using Fourier Transform Inspired Deep Learning Combination Model

2019 ◽  
Vol 9 (1) ◽  
pp. 16-31
Author(s):  
Kyungkoo Jun
Keyword(s):  
Fourier Transform ◽  
Deep Learning ◽  
Short Term Memory ◽  
Window Size ◽  
Sensor Data ◽  
Data Sets ◽  
Data Set ◽  
Proposed Model ◽  
Testing Data ◽  
Labeling Scheme

Background & Objective: This paper proposes a Fourier transform inspired method to classify human activities from time series sensor data. Methods: Our method begins by decomposing 1D input signal into 2D patterns, which is motivated by the Fourier conversion. The decomposition is helped by Long Short-Term Memory (LSTM) which captures the temporal dependency from the signal and then produces encoded sequences. The sequences, once arranged into the 2D array, can represent the fingerprints of the signals. The benefit of such transformation is that we can exploit the recent advances of the deep learning models for the image classification such as Convolutional Neural Network (CNN). Results: The proposed model, as a result, is the combination of LSTM and CNN. We evaluate the model over two data sets. For the first data set, which is more standardized than the other, our model outperforms previous works or at least equal. In the case of the second data set, we devise the schemes to generate training and testing data by changing the parameters of the window size, the sliding size, and the labeling scheme. Conclusion: The evaluation results show that the accuracy is over 95% for some cases. We also analyze the effect of the parameters on the performance.

Sign in / Sign up

Export Citation Format

Share Document