A Comprehensive Review of Deep Learning Techniques for the Detection of (Distributed) Denial of Service Attacks

Malliga, S.; Nandhini, P. S.; Kogilavani, S. V.

doi:10.5755/j01.itc.51.1.29595

Cited by 14 publications

(8 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…With the continuous development of deep learning technology, it is also widely used in intrusion detection [20]. Different from traditional machine learning algorithms, deep learning technology can automatically learn data features without human intervention, which brings a new idea for processing multi feature intrusion data [21].…”

Section: Intrusion Detectionmentioning

confidence: 99%

See 1 more Smart Citation

Hybrid Strategy Improved Sparrow Search Algorithm in the Field of Intrusion Detection

Liu

Xueqiang

2023

IEEE Access

View full text Add to dashboard Cite

Aiming at the problem that sparrow search algorithm(SSA) may fall into local optima and has slow convergence speed, a hybrid strategy improved Sparrow Search Algorithm(HSISSA) is proposed in this paper, and it is applied to feature selection and model optimization of intrusion detection. Firstly, the hybrid circle-piecewise map is proposed to initialize the population and improve the uniformity of the initial population distribution; Secondly, merging the spiral search method in the vulture search algorithm and Levy's flight formula to update the positions of the discoverer and the scouter respectively, to expand the population search range and enhance the search capability; Finally, simplex method and pinhole imaging method are used to optimize the position of sparrows with poor fitness and optimal fitness, to avoid stagnation in the population search and falling into local optima. The performance of the algorithm is optimized through the above methods. The algorithm is tested on 10 classical benchmark functions and combined with Wilcoxon rank sum test analysis to verify the effectiveness of the algorithm, which showed improvements in convergence speed and accuracy. Finally, it is applied to feature selection and model optimization of intrusion detection. On average, 7.6 features and 10.1 features are retained on the CIC-IDS2017 dataset and UNSW-NB15 dataset, respectively, and 99.5% and 96.01% accuracy are achieved. The number and accuracy of the optimized features are better than the original algorithm. For DenseNet and random forest models, HSISSA can achieve 99.34% and 97.22% accuracy after optimization, which improves the performance of the model, thus, the algorithm shows better performance than other algorithms.

show abstract

Section: Intrusion Detectionmentioning

confidence: 99%

“…This is the author's version which has not been fully edited and content may change prior to final publication. F1 score, which is the harmonic average of recall rate and accuracy rate, it s a measure of a test's accuracy, the calculation process is shown in (20).…”

Section: B Evaluation Criteriamentioning

confidence: 99%

Hybrid Strategy Improved Sparrow Search Algorithm in the Field of Intrusion Detection

Liu

Xueqiang

2023

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Reviews of LDoS attacks exist [43,1,44,3,45], but none relates to resource-constrained ICPS. Similarly, some surveys review security concerns of the cyber-physical systems using ML/DL [46][47][48][49][50][51]; however, they do not cover LDoS or their detection.…”

Section: Literature Reviewmentioning

confidence: 99%

Light-Weight Slow-Rate Attack Detection Framework for Resource-Constrained Industrial Cyber-Physical Systems

Zahid,

Kuo,

Sinha

2023

Preprint

View full text Add to dashboard Cite

Industrial Cyber-Physical Systems (ICPS) are heterogenous computer systems interacting withphysical processes in an industrial environment. The high degree of distribution and interconnectedness poses significant security threats to ICPS, including Slow−Rate Attacks (SRA ). SRA often exploit system vulnerabilities arising from the inherent limitations of resource-constrained ICPS computers like programmable logic controller (PLC). Existing literature identify several challenges in detecting and classifying SRA in resource-constrained ICPS. In this article, we propose an optimised Online Sequential−Extreme Learning Machine (OSELM)-based, novel light-weight active security framework for SRA detection. We reduce the memory and space footprint of OSELM through optimisation techniques for deployment in resource-constrained ICPS. Also, we introduce a simple stratified k-fold cross training method to improve the binary and multi-class SRA- detection capability of the proposed framework, focusing on performance and accuracy of attack detection. Experimental results demonstrate that our proposed framework can effectively and efficiently detect binary and multi-class SRA with an accuracy of 0.975 and 0.96 with average detection times of 0.03 and 0.04 sec, respectively, using less than 3 MB of memory and 10-12% of CPU usage in PLC-based ICPS.

show abstract

“…Due to the information interaction process between the nodes of complex cyber-physical networks through cyber space has become more complicated, thus complex cyber-physical networks are confronted with a larger risk of communications network-induced issues like network delay [29] and cyber attacks [28]. As an emerging field, security issues due to cyber attacks in the complex networks has attracted extensive attention and achieved a series of meaningful research results [10,11,12,19,34]. In general, there have been three cyber attacks that frequently arise in addressing the problem of secure control, i.e., false data injection (FDI) attacks [10,12,34], denial of service (DoS) attacks [19] and replay attacks [11].…”

Section: Introductionmentioning

confidence: 99%

“…As an emerging field, security issues due to cyber attacks in the complex networks has attracted extensive attention and achieved a series of meaningful research results [10,11,12,19,34]. In general, there have been three cyber attacks that frequently arise in addressing the problem of secure control, i.e., false data injection (FDI) attacks [10,12,34], denial of service (DoS) attacks [19] and replay attacks [11]. From the perspective of security level, FDI attacks are the most dangerous attack, because the attackers can inject malicious data to worsen or destabilize the performance of the target system.…”

Section: Introductionmentioning

confidence: 99%

Event-Based Pinning Synchronization Control for Discrete-Time Delayed Complex Cyber-Physical Networks Under All-Around Attacks

Chaoqun

Jia

2023

ITC

View full text Add to dashboard Cite

This paper is concerned with the problem of pinning synchronization control for a class of nonlinear discrete-time delayed complex cyber-physical networks under all-around attacks. To handle the all-around attacks, a constrained hybrid attacks model is established, which incorporates the pattern feature of false data injection attacks and physical attacks. By utilizing the Lyapunov stability theory and the linear matrix inequality technique, a novel dynamic event-triggering pinning synchronization control scheme is developed to cope with the synchronization control task. Subsequently, sufficient conditions are obtained to guarantee that the closed-loop error dynamics are ultimately exponentially bounded. Furthermore, the design procedure of the synchronization controller is presented for the considered complex cyber-physical networks subject to all-around attacks. Finally, an illustrative example is delivered to demonstrate the effectiveness of the proposed method.

show abstract

A Comprehensive Review of Deep Learning Techniques for the Detection of (Distributed) Denial of Service Attacks

Cited by 14 publications

References 0 publications

Hybrid Strategy Improved Sparrow Search Algorithm in the Field of Intrusion Detection

Hybrid Strategy Improved Sparrow Search Algorithm in the Field of Intrusion Detection

Light-Weight Slow-Rate Attack Detection Framework for Resource-Constrained Industrial Cyber-Physical Systems

Event-Based Pinning Synchronization Control for Discrete-Time Delayed Complex Cyber-Physical Networks Under All-Around Attacks

Contact Info

Product

Resources

About