DDoSNet: A Deep-Learning Model for Detecting Network Attacks

Elsayed, Mahmoud Said; Le-Khac, Nhien-An; Dev, Soumyabrata; Jurcut, Anca Delia

doi:10.48550/arxiv.2006.13981

Cited by 3 publications

(16 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…First of all, the results are evaluations of the proposed dynamic and predictive model through SVM, decision tree, and KNN. We used a dataset based on DDoS attacks called CICDDoS2019 [ 26 ]. This dataset is based on real-time DDoS attacks, including DNS, MSSQL, NetBIOS, UDP, and TFTP.…”

Section: Resultsmentioning

confidence: 99%

“…These networks use the resources and optimize the system operations. The main concept of these networks is to design a platform where users solve their complex problems in a synergic way through computers [ 26 ]. We proposed a self-organizing architecture by using smart devices and sensor nodes where the devices learn the environmental changes and user behavior.…”

Section: Proposed Data Analytics Model For 5g-based Iot Networkmentioning

confidence: 99%

“…The extracted feature from packets is around 50. We used a dataset based on DDoS attacks called CICDDoS2019 [ 26 ]. This dataset is based on real-time DDoS attacks, including DNS, MSSQL, NetBIOS, UDP, and TFTP.…”

Section: Proposed Data Analytics Model For 5g-based Iot Networkmentioning

confidence: 99%

See 2 more Smart Citations

Data Analytics, Self-Organization, and Security Provisioning for Smart Monitoring Systems

Anwar

Qureshi²,

Nagmeldin³

et al. 2022

Sensors

View full text Add to dashboard Cite

Internet availability and its integration with smart technologies have favored everyday objects and things and offered new areas, such as the Internet of Things (IoT). IoT refers to a concept where smart devices or things are connected and create a network. This new area has suffered from big data handling and security issues. There is a need to design a data analytics model by using new 5G technologies, architecture, and a security model. Reliable data communication in the presence of legitimate nodes is always one of the challenges in these networks. Malicious nodes are generating inaccurate information and breach the user’s security. In this paper, a data analytics model and self-organizing architecture for IoT networks are proposed to understand the different layers of technologies and processes. The proposed model is designed for smart environmental monitoring systems. This paper also proposes a security model based on an authentication, detection, and prediction mechanism for IoT networks. The proposed model enhances security and protects the network from DoS and DDoS attacks. The proposed model evaluates in terms of accuracy, sensitivity, and specificity by using machine learning algorithms.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Proposed Data Analytics Model For 5g-based Iot Networkmentioning

confidence: 99%

See 1 more Smart Citation

Data Analytics, Self-Organization, and Security Provisioning for Smart Monitoring Systems

Anwar

Qureshi²,

Nagmeldin³

et al. 2022

Sensors

View full text Add to dashboard Cite

show abstract

“…more challenges for researchers. Although DL-based models proposed recently Jia et al 18 and Elsayed et al 19 have shown better performance for detection of different types of DDoS attacks, such models require huge amount of resources. Therefore, here we aim to develop an ML-based model for the detection of malicious and benign flows which offer performance comparable to these state-of-the-art deep models.…”

Section: Motivation and Contributionsmentioning

confidence: 99%

“…Moreover, the developed models offer a performance which is comparable to the state-of-the-art DL models. 18,19 In Table 7, we report a comparative analysis of the ML model developed by using CICIDS2017 dataset against stateof-the-art DL model. 20 The CICIDS2017 dataset includes records of various types of attacks which include brute force file transfer protocol (FTP), brute force secure shell (SSH), heartbleed, web attack, infiltration, botnet, DoS, and DDoS.…”

Section: Algorithmmentioning

confidence: 99%

A generalized machine learning‐based model for the detection of DDoS attacks

2020

View full text Add to dashboard Cite

As time is progressing, the number and the complexity of methods adopted for launching distributed denial of service (DDoS) attacks are changing. Therefore, we propose a methodology for the development of a generalized machine learning (ML)-based model for the detection of DDoS attacks. After exploring various attributes of the dataset chosen for this study, we propose an integrated feature selection (IFS) method which consists of three stages and integration of two different methods, that is, filter and embedded methods to select features which highly contribute to the detection of various types of DDoS attacks. We use light gradient boosting machine (LGBM) algorithm for training of the model for classification of benign and malicious flows. For ensuring satisfactory performance and generalized behavior of the developed model, we test it by passing records of unseen DDoS attack types. Several performance metrics are employed for the evaluation of the model. By comparing the performance of developed model against state-of-the-art models, we state an improvement of around 20% for almost all the reported metrics. We also show that the performance of the model improves if feature space is reduced by 77%. Furthermore, the generalized behavior of the developed model is justified by demonstrating a trade-off between high variance and high bias ML models.

show abstract

An augmented K‐means clustering approach for the detection of distributed denial‐of‐service attacks

2021

View full text Add to dashboard Cite

Summary The problem of distributed denial‐of‐service (DDoS) attack detection remains challenging due to new and innovative methods developed by attackers to evade the deployed security systems. In this work, we devise an unsupervised machine learning (ML)‐based approach for the detection of different types of DDoS attacks by augmenting the performance of K‐means clustering algorithm with the aid of a hybrid method for feature selection and extraction. By sequentially combining an integrated feature selection (IFS) algorithm and a deep autoencoder (DAE), we develop the hybrid method for extracting encoded features, which can better separate the clusters of benign and malicious network flows. We formulate the problem of DDoS attack detection as a binary clustering of network flows. Although K‐means clustering is the simplest and widely used algorithm, we investigate its performance for DDoS attack detection before and after applying the proposed hybrid method for feature selection and extraction. Our results show that after employing the proposed hybrid method, the performance of K‐means clustering model improves, and it is comparable to the state‐of‐the‐art supervised ML and deep learning (DL)‐based methods developed for DDoS attack detection.

show abstract

DDoSNet: A Deep-Learning Model for Detecting Network Attacks

Cited by 3 publications

References 0 publications

Data Analytics, Self-Organization, and Security Provisioning for Smart Monitoring Systems

Data Analytics, Self-Organization, and Security Provisioning for Smart Monitoring Systems

A generalized machine learning‐based model for the detection of DDoS attacks

An augmented K‐means clustering approach for the detection of distributed denial‐of‐service attacks

Contact Info

Product

Resources

About