N-Tier Machine Learning-Based Architecture for DDoS Attack Detection

被引:4
作者
Thi-Hong Vuong [1 ]
Cam-Van Nguyen Thi [1 ]
Quang-Thuy Ha [1 ]
机构
[1] Vietnam Natl Univ Hanoi VNU, VNU Univ Engn & Technol UET, 144 Xuan Thuy, Hanoi, Vietnam
来源
INTELLIGENT INFORMATION AND DATABASE SYSTEMS, ACIIDS 2021 | 2021年 / 12672卷
关键词
DDoS attacks; CICDDoS2019; Machine learning methods; Intrusion detection;
D O I
10.1007/978-3-030-73280-6_30
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Distributed Denial of Service (DDoS) attack is a menace to network security that aims at exhausting the target networks with malicious traffic. With simple but powerful attack mechanisms, it introduces an immense threat to the current Internet community. In this paper, we propose a novel multi-tier architecture intrusion detection model based on a machine learning method that possibly detects DDoS attacks. We evaluate our model using the newly released dataset CICDDoS2019, which contains a comprehensive variety of DDoS attacks and address the gaps of the existing current datasets. Experimental results indicated that the proposed method is more efficient than other existing ones. The experiments demonstrated that the proposed model accurately recognize DDoS attacks outperforming the state-of-the-art by F1-score.
引用
收藏
页码:375 / 385
页数:11
相关论文
共 23 条
[1]   An efficient filter for denial-of-service bandwidth attacks [J].
Abdelsayed, S ;
Glimsholt, D ;
Leckie, C ;
Ryan, S ;
Shami, S .
GLOBECOM'03: IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE, VOLS 1-7, 2003, :1353-1357
[2]   The Internet of Things: A survey [J].
Atzori, Luigi ;
Iera, Antonio ;
Morabito, Giacomo .
COMPUTER NETWORKS, 2010, 54 (15) :2787-2805
[3]  
Aytac T., 2020, DETECTION DDOS ATTAC
[4]  
Barford P, 2002, IMW 2002: PROCEEDINGS OF THE SECOND INTERNET MEASUREMENT WORKSHOP, P71, DOI 10.1145/637201.637210
[5]  
Cabrera J. B. D., 2001, 2001 IEEE/IFIP International Symposium on Integrated Network Management Proceedings. Integrated Network Management VII. Integrated Management Strategies for the New Millennium (Cat. No.01EX470), P609, DOI 10.1109/INM.2001.918069
[6]  
Cheng CM, 2002, GLOB TELECOMM CONF, P2143
[7]   DDoSNet: A Deep-Learning Model for Detecting Network Attacks [J].
Elsayed, Mahmoud Said ;
Nhien-An Le-Khac ;
Dev, Soumyabrata ;
Jurcut, Anca Delia .
2020 21ST IEEE INTERNATIONAL SYMPOSIUM ON A WORLD OF WIRELESS, MOBILE AND MULTIMEDIA NETWORKS (IEEE WOWMOM 2020), 2020, :391-396
[8]   Countering denial-of-service attacks using congestion triggered packet sampling and filtering [J].
Huang, Y ;
Pullen, JM .
TENTH INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATIONS AND NETWORKS, PROCEEDINGS, 2001, :490-494
[9]  
Hussain A., 2006, P 25 IEEE INT C COMP, P1
[10]   A covariance analysis model for DDoS attack detection [J].
Jin, SY ;
Yeung, DS .
2004 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, VOLS 1-7, 2004, :1882-1886
123