Distributed Denial-of-Service (DDoS) attacks are increasing as the demand for Internet connectivity massively grows in recent years. Conventional shallow machine learning-based techniques for DDoS attack classification tend to be ineffective when the volume and features of network traffic, potentially carry malicious DDoS payloads, increase exponentially as they cannot extract high importance features automatically. To address this concern, we propose a hybrid approach named AE-MLP that combines two deep learning-based models for effective DDoS attack detection and classification. The Autoencoder (AE)
part of our proposed model provides an effective feature extraction that finds the most relevant feature sets automatically without human intervention (e.g., knowledge of cybersecurity professionals). The Multi-layer Perceptron Network (MLP) part of our proposed model uses the compressed and reduced feature sets produced by the AE as inputs and classifies the attacks into different DDoS attack types to overcome the
performance overhead and bias associated with processing large feature sets with noise (i.e., unnecessary feature values). Our experimental results, obtained through comprehensive and extensive experiments on
different aspects of performance on the CICDDoS2019 dataset, demonstrate both a very high and robust accuracy rate and F1-score that exceed 98% which also outperformed the performance of many similar
methods. This shows that our proposed model can be used as an effective DDoS defense tool against the growing number of DDoS attacks.
History
Volume
9
Start Page
146810
End Page
146821
Number of Pages
12
eISSN
2169-3536
Publisher
Institute of Electrical and Electronics Engineers (IEEE)