A novel framework of DDoS attack detection in network using hybrid heuristic deep learning approaches with attention mechanism
Abstract
The “Distributed Denial of Service (DDoS)” threats have become a tool for the hackers, cyber swindlers, and cyber terrorists. Despite the high amount of conventional mitigation mechanisms that are present nowadays, the DDoS threats continue to enhance in severity, volume, and frequency. The DDoS attack has highly affected the availability of the networks for the previous years and still, there is no efficient defense technique against it. Moreover, the new and complex DDoS attacks are increasing on a daily basis but the traditional DDoS attack detection techniques cannot react to these threats. On the other hand, the hackers are employing very innovative strategies to initiate the threats. But, the traditional methods can become effective and reliable when combined with the deep learning-aided approaches. To solve these certain issues, a framework detection mechanism for DDoS attacks utilizes an attention-aided deep learning methodology. The primary thing is the acquisition of data from standard data online sources. Further, from the garnered data, the significant features are drawn out from the “Deep Weighted Restricted Boltzmann Machine (RBM)” using a “Deep Belief Network (DBN)”, in which the parameters are tuned by employing the recommended Enhanced Gannet Optimization Algorithm (EGOA). This feature extraction operation increases the network performance rate and also diminishes the dimensionality issues. Lastly, the acquired features are transferred to the model of “Attention and Cascaded Recurrent Neural Network (RNN) with Residual Long Short Term Memory (LSTM) (ACRNN-RLSTM)” blocks for the DDoS threat detection purpose. This designed network precisely identifies the complex and new attacks, thus it increases the trustworthiness of the network. In the end, the performance of the approach is contrasted with other traditional algorithms. Hence, the simulation outcomes are obtained that prove the system’s efficiency. Also, the outcomes displayed that the designed system overcame the conventional threat detection techniques.
References
[1]
A. Agarwal, M. Khari and R. Singh, Detection of DDOS attack using deep learning model in cloud storage application, Wireless Personal Communications 127 (2022), 419–439.
[2]
I. Ahmad, Z. Wan and A. Ahmad, A big data analytics for DDOS attack detection using optimized ensemble framework in Internet of things, Internet of Things 23 (2023).
[3]
H. Alkahtani and T.H. Aldhyani, Botnet attack detection by using CNN-LSTM model for Internet of things applications, Security and Communication Networks (2021), 1–23.
[4]
P.J. Beslin Pajila, E. Golden Julie and Y.H. Robinson, FBDR-fuzzy based DDoS attack detection and recovery mechanism for wireless sensor networks, Wireless Personal Communications 122 (2022), 3053–3083.
[5]
T. Cai, T. Jia, S. Adepu, Y. Li and Z. Yang, ADAM: An adaptive DDoS attack mitigation scheme in software-defined cyber-physical system, IEEE Transactions on Industrial Informatics 19(6) (2023), 7802–7813.
[6]
Y. Cao, H. Jiang, Y. Deng, J. Wu, P. Zhou and W. Luo, Detecting and mitigating DDoS attacks in SDN using spatial-temporal graph convolutional network, IEEE Transactions on Dependable and Secure Computing 19(6) (2022), 3855–3872.
[7]
Z. Chen, Z. Xie, W. Zhang and X. Xu, ResNet and model fusion for automatic spoofing detection, in: Interspeech, 2017, pp. 102–106.
[8]
M. Cherian and S.L. Varma, Secure SDN–IoT framework for DDoS attack detection using deep learning and counter based approach, Journal of Network and Systems Management 31(54) (2023).
[9]
G. D’Angelo, E. Farsimadan, M. Ficco, F. Palmieri and A. Robustelli, Privacy-preserving malware detection in Android-based IoT devices through federated Markov chains, Future Generation Computer Systems 148 (2023), 93–105.
[10]
G. D’Angelo, E. Farsimadan and F. Palmieri, Recurrence plots-based network attack classification using CNN-autoencoders, in: International Conference on Computational Science and Its Applications, 2023, pp. 191–209.
[11]
S. Dong and M. Sarem, DDoS attack detection method based on improved KNN with the degree of DDoS attack in software-defined networks, IEEE Access 8 (2020), 5039–5048.
[12]
S. Dong and M. Sarem, DDoS attack detection method based on improved KNN with the degree of DDoS attack in software-defined networks, IEEE Access 8 (2020), 5039–5048.
[13]
A.S. Eesa, Z. Orman and A.M.A. Brifcani, A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems, Expert systems with applications 42(5) (2015), 2670–2679.
[14]
A.A. Elsaeidy, A. Jamalipour and K.S. Munasinghe, A hybrid deep learning approach for replay and DDoS attack detection in a smart city, IEEE Access 9 (2021), 154864–154875.
[15]
D. Erhan and E. Anarim, Hybrid DDoS detection framework using matching pursuit algorithm, IEEE Access 8 (2020), 118912–118923.
[16]
R. Fadaei Fouladi, O. Ermiş and E. Anarim, A DDoS attack detection and countermeasure scheme based on DWT and auto-encoder neural network for SDN, Computer Networks 214 (2022).
[17]
W.I. Khedr, A.E. Gouda and E.R. Mohamed, FMDADM: A multi-layer DDoS attack detection and mitigation framework using machine learning for stateful SDN-based IoT networks, IEEE Access 11 (2023), 28934–28954.
[18]
J. Kim, M. El-Khamy and J. Lee, Residual LSTM: Design of a deep recurrent architecture for distant speech recognition, 2017, arXiv.
[19]
S. Mahdavi Hezavehi and R. Rahmani, An anomaly-based framework for mitigating effects of DDoS attacks using a third party auditor in cloud computing environments, Cluster Computing 23 (2020), 2609–2627.
[20]
A. Makuvaza, D.S. Jat and A.M. Gamundani, Deep neural network (DNN) solution for real-time detection of distributed denial of service (DDoS) attacks in software defined networks (SDNs), SN Computer Science 2(107) (2021).
[21]
X.-H. Nguyen and K.-H. Le, Robust detection of unknown DoS/DDoS attacks in IoT networks using a hybrid learning model, Internet of Things 23 (2023).
[22]
G. Oluchi Anyanwu, C.I. Nwakanma, J.-M. Lee and D.-S. Kim, Optimization of RBF-SVM kernel using grid search algorithm for DDoS attack detection in SDN-based VANET, IEEE Internet of Things Journal 10(10) (2023), 8477–8490.
[23]
J.-S. Pan, L.-G. Zhang, R.-B. Wang, V. Snasel and S.-C. Chu, Gannet optimization algorithm: A new metaheuristic algorithm for solving engineering optimization problems, Mathematics and Computers in Simulation 202 (2022), 343–373.
[24]
V. Raghava Swamy Dora and V. Naga Lakshmi, Optimal feature selection with CNN-feature learning for DDoS attack detection using meta-heuristic-based LSTM, International Journal of Intelligent Robotics and Applications 6 (2022), 323–349.
[25]
H. Salehinejad, S. Sankar, J. Barfett, E. Colak and S. Valaee, Recent advances in recurrent neural networks, 2018, arXiv.
[26]
S.B. Sandouka, Y. Bazi and M.M. Al Rahhal, EfficientNet Combined with Generative Adversarial Networks for Presentation Attack Detection, IEEE, 2020, pp. 1–5.
[27]
S. Toklu and M. Şimşek, Two-layer approach for mixed high-rate and low-rate distributed denial of service (DDoS) attack detection and filtering, Arabian Journal for Science and Engineering 43 (2018), 7923–7931.
[28]
J.E. Varghese and B. Muniyal, An efficient IDS framework for DDoS attacks in SDN environment, IEEE Access 9 (2021), 69680–69699.
[29]
H. Wang, J. Xu, R. Yana, C. Sun and X. Chen, Intelligent Bearing Fault Diagnosis Using Multi-Head Attention-Based CNN, Elsevier, 2020.
[30]
J. Wang and G. Yang, An intelligent method for real-time detection of DDoS attack based on fuzzy logic, Journal of Electronics (China) 25 (2008), 511–518.
[31]
L. Xie, T. Han, H. Zhou, Z.R. Zhang, B. Han and A. Tang, Tuna swarm optimization: A novel swarm-based metaheuristic algorithm for global optimization, Computational intelligence and Neuroscience (2021), 1–22.
[32]
R. Xunyi, W. Ruchuan and W. Haiyan, Wavelet analysis method for detection of DDoS attack on the basis of self-similarity, Frontiers of Electrical and Electronic Engineering in China 2 (2007), 73–77.
[33]
L. Yu, Z. Yang and L. Tang, A Novel Multistage Deep Belief Network Based Extreme Learning Machine Ensemble Learning Paradigm for Credit Risk Assessment, Springer, 2015.
[34]
S. Yu, J. Zhang, J. Liu, X. Zhang, Y. Li and T. Xu, A cooperative DDoS attack detection scheme based on entropy and ensemble learning in SDN, EURASIP Journal on Wireless Communications and Networking 90 (2021).
[35]
N.M. Yungaicela-Naula, C. Vargas-Rosales, J.A. Perez-Diaz, E. Jacob and C. Martinez-Cagnazzo, Physical assessment of an SDN-based security framework for DDoS attack mitigation: Introducing the SDN-SlowRate-DDoS dataset, IEEE Access 11 (2023), 46820–46831.
[36]
N. Zakaria Bawany, J.A. Shamsi and K. Salah, DDoS attack detection and mitigation using SDN: Methods, practices, and solutions, Arabian Journal for Science and Engineering 42 (2017), 425–441.
[37]
C. Zhong, G. Li and Z. Meng, Beluga whale optimization: A novel nature-inspired metaheuristic algorithm, Knowledge-Based Systems 251(109215) (2022).
[38]
H. Zhou, Y. Zheng, X. Jia and J. Shu, Collaborative prediction and detection of DDoS attacks in edge computing: A deep learning-based approach with distributed SDN, Computer Networks 225 (2023).
Recommendations
Real-time DDoS attack detection using FPGA
A real-time DDoS attack detection method should identify attacks with low computational overhead. Although a large number of statistical methods have been designed for DDoS attack detection, real-time statistical solution to detect DDoS attacks in ...
DDoS attack detection by using packet sampling and flow features
SAC '14: Proceedings of the 29th Annual ACM Symposium on Applied ComputingDDoS attack becomes a challenge to the security of the Internet. The DDoS attack, which consumes a lot of valuable computing of communication resources, is known hard to defend. Aiming to the threat caused by DDoS attacks, current network requires an ...
Software-defined DDoS detection with information entropy analysis and optimized deep learning
AbstractSoftware Defined Networking (SDN) decouples the control plane and the data plane and solves the difficulty of new services deployment. However, the threat of a single point of failure is also introduced at the same time. Attackers ...
Graphical abstractDisplay Omitted
Highlights- A two-level DDoS attack detection method based on information entropy and deep learning in the context of SDN.
Comments
Information & Contributors
Information
Published In
© 2024 – IOS Press. All rights reserved.
Publisher
IOS Press
Netherlands
Publication History
Published: 10 May 2024
Author Tags
Qualifiers
- Research-article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 03 Oct 2024
Other Metrics
Citations
View Options
View options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in