Low-rate Distributed Denial of Service (LDDoS) attacks have been one of the most notorious network security threats, which use periodic slight multi-variate time series pulse flows to degrade network quality. Limited by the poor data in a single client, a powerful and satisfactory LDDoS attack detection model is hard to be trained. Federated Learning (FL) is a promising paradigm offering joint learning through multiple clients. We propose an asynchronous federated learning arbitration framework based on bidirectional LSTM (bi-LSTM) and attention mechanism (AsyncFL-bLAM). In the AsyncFL-bLAM, the leader node election algorithm is proposed for constructing the framework of asynchronous federated learning. The proposed bLAM model composed of feature extracter and arbitrator takes on the responsibility of LDDoS detection locally. Furthermore, the novel AsyncFL framework helps to upload and aggregate the bLAM models' parameters asynchronously between leader node and client nodes. Experimental results show that the AsyncFL-bLAM outperforms the state-of-the-art models in accuracy, and reduces the overall communication rounds.INDEX TERMS Arbitration mechanism, asynchronous federated learning, deep learning, low-rate distributed denial-of-service.
I. INTRODUCTIONWith the increasing number of Internet of Things (IoT) devices, network attacks are increasing in both intensity and frequency. Recently, LDDoS attacks are reported as the most common ones in IoT. According to CNCERT [1], as many as 8,423 hacked IoT botnets, with no less than 100 IoT devices, were used to orchestrate and launch LDDoS attacks in 2021. Various variants of LDDoS attacks are found recently. Hivenets [2] could transform a single under-controlled IoT device into an intelligent robot to make autonomous decisions with minimal supervision. A multi-targets LDDoS attack model [3] used the bots' unused gaps between bursts to fire another attacks. The novel LSTM-CGAN [4] and TTS-GAN [5] methods could generate high-quality LDDoSThe associate editor coordinating the review of this manuscript and approving it for publication was Giovanni Pau .
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.