Unknown DDoS Attack Detection with Sliced Iterative Normalizing Flows Technique

被引：0

作者：

Shieh, Chin-Shiuh ^{[1
]}

Nguyen, Thanh-Lam ^{[1
]}

Nguyen, Thanh-Tuan ^{[2
]}

Horng, Mong-Fong ^{[1
]}

机构：

[1] Natl Kaohsiung Univ Sci & Technol, Dept Elect Engn, Kaohsiung 807618, Taiwan

[2] Nha Trang Univ, Dept Elect & Automat Engn, Nha Trang 650000, Vietnam

来源：

CMC-COMPUTERS MATERIALS & CONTINUA | 2025年 / 82卷 / 03期

关键词：

Distributed denial of service; sliced iterative normalizing flows; open-set recognition; cybersecurity; deep learning;

D O I：

10.32604/cmc.2025.061001

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

DDoS attacks represent one of the most pervasive and evolving threats in cybersecurity, capable of crippling critical infrastructures and disrupting services globally. As networks continue to expand and threats become more sophisticated, there is an urgent need for Intrusion Detection Systems (IDS) capable of handling these challenges effectively. Traditional IDS models frequently have difficulties in detecting new or changing attack patterns since they heavily depend on existing characteristics. This paper presents a novel approach for detecting unknown Distributed the Sliced Wasserstein distance to repeatedly modify probability distributions, enabling better management of highdimensional data when there are only a few samples available. The unique architecture of SINF ensures efficient density estimation and robust sample generation, enabling IDS to adapt dynamically to emerging threats without relying heavily on predefined signatures or extensive retraining. By incorporating Open-Set Recognition (OSR) techniques, this method improves the system's ability to detect both known and unknown attacks while maintaining high detection performance. The experimental evaluation on CICIDS2017 and CICDDoS2019 datasets demonstrates that the proposed system achieves an accuracy of 99.85% for known attacks and an F1 score of 99.99% after incremental learning for unknown attacks. The results clearly demonstrate the system's strong generalization capability across unseen attacks while maintaining the computational efficiency required for real-world deployment.

引用

页码：4881 / 4912

页数：32

共 48 条

[1] Alfatemi A, Rahouti M, Amin M, ALJamal S, Xiong K, Xin Y., Advancing DDoS attack detection: a synergistic approach using deep residual neural networks and synthetic oversampling
[2] Mittal M, Kumar K, Behal S., Deep learning approaches for detecting DDoS attacks: a systematic review, Soft Comput, 27, 18, pp. 13039-13075, (2023)
[3] Malliga S, Nandhini PS, Kogilavani SV., A comprehensive review of deep learning techniques for the detection of (distributed) denial of service attacks, Inf Technol Contr, 51, 1, pp. 180-215, (2022)
[4] Hnamte V, Ahmad Najar A, Nhung-Nguyen H, Hussain J, Sugali MN., DDoS attack detection and mitigation using deep neural network in SDN environment, Comput Secur, 138, 21, (2024)
[5] Najafimehr M, Zarifzadeh S, Mostafavi S., DDoS attacks and machine-learning-based detection methods: a survey and taxonomy, Eng Rep, 5, 12, (2023)
[6] Agostinello D, Genovese A, Piuri V., Anomaly-based intrusion detection system for DDoS attack with deep learning techniques, Proceedings of the 20th International Conference on Security and Cryptography, pp. 267-275, (2023)
[7] Kumar D, Pateriya RK, Gupta RK, Dehalwar V, Sharma A., DDoS detection using deep learning, Procedia Comput Sci, 218, 1, pp. 2420-2429, (2023)
[8] Elubeyd H, Yiltas-Kaplan D., Hybrid deep learning approach for automatic DoS/DDoS attacks detection in software-defined networks, Appl Sci, 13, 6, (2023)
[9] Shieh CS, Ho FA, Horng MF, Nguyen TT, Chakrabarti P., Open-set recognition in unknown DDoS attacks detection with reciprocal points learning, IEEE Access, 12, 4, pp. 56461-56476, (2024)
[10] Dai B, Seljak U., Sliced iterative normalizing flows, (2021)

← 1 2 3 4 5 →