A hybrid deep learning model based low‐rate DoS attack detection method for software defined network

Sun, Wenjuan; Guan, Shaopeng; Peng, Wang; Wu, Qingyu

doi:10.1002/ett.4443

Cited by 10 publications

(6 citation statements)

References 47 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The reason is that the dataset does not contain spatial information, making the CNN layer unable to play its advantages in spatial feature extraction. Based on same idea, the hybrid CNN+GRU model (HY-CNN+GRU) [29] also used CNN and GRU, but it tried to optimize the hyper-parameters of model by improved sailfish algorithm. From the results, the performance was not as expected.…”

Section: ) Experimental Results Of Blam Modelmentioning

confidence: 99%

“…Therefore, on the one hand, with the emergence of the LSTM networks, researchers saw their abilities in recognizing long-time dependent LDDoS attack sequences. Sun et al [17] proposed a hybrid CNN and GRU model to extract deeper spatial and temporal features of LDDoS attacks. Mohammad et al [18] proposed a novel autoencoder-based anomaly detection system to leverage time-based features (TAE) over multiple time windows for efficiently detecting anomalous DDoS.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

An Asynchronous Federated Learning Arbitration Model for Low-Rate DDoS Attack Detection

et al. 2023

View full text Add to dashboard Cite

Low-rate Distributed Denial of Service (LDDoS) attacks have been one of the most notorious network security threats, which use periodic slight multi-variate time series pulse flows to degrade network quality. Limited by the poor data in a single client, a powerful and satisfactory LDDoS attack detection model is hard to be trained. Federated Learning (FL) is a promising paradigm offering joint learning through multiple clients. We propose an asynchronous federated learning arbitration framework based on bidirectional LSTM (bi-LSTM) and attention mechanism (AsyncFL-bLAM). In the AsyncFL-bLAM, the leader node election algorithm is proposed for constructing the framework of asynchronous federated learning. The proposed bLAM model composed of feature extracter and arbitrator takes on the responsibility of LDDoS detection locally. Furthermore, the novel AsyncFL framework helps to upload and aggregate the bLAM models' parameters asynchronously between leader node and client nodes. Experimental results show that the AsyncFL-bLAM outperforms the state-of-the-art models in accuracy, and reduces the overall communication rounds.INDEX TERMS Arbitration mechanism, asynchronous federated learning, deep learning, low-rate distributed denial-of-service. I. INTRODUCTIONWith the increasing number of Internet of Things (IoT) devices, network attacks are increasing in both intensity and frequency. Recently, LDDoS attacks are reported as the most common ones in IoT. According to CNCERT [1], as many as 8,423 hacked IoT botnets, with no less than 100 IoT devices, were used to orchestrate and launch LDDoS attacks in 2021. Various variants of LDDoS attacks are found recently. Hivenets [2] could transform a single under-controlled IoT device into an intelligent robot to make autonomous decisions with minimal supervision. A multi-targets LDDoS attack model [3] used the bots' unused gaps between bursts to fire another attacks. The novel LSTM-CGAN [4] and TTS-GAN [5] methods could generate high-quality LDDoSThe associate editor coordinating the review of this manuscript and approving it for publication was Giovanni Pau .

show abstract

Section: ) Experimental Results Of Blam Modelmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

An Asynchronous Federated Learning Arbitration Model for Low-Rate DDoS Attack Detection

et al. 2023

View full text Add to dashboard Cite

show abstract

“…Sun et al . 's [19] investigation of the CNN-GRU deep learning model-based LDoS attack detection technique. The gated frequent unit and the convolutional neural network (CNN).…”

Section: Literature Surveymentioning

confidence: 99%

Secure Multi-Path Selection with Optimal Controller Placement Using Hybrid Software-Defined Networks with Optimization Algorithm

Kadam,

Deshmukh,

Gund

et al. 2023

IJRITCC

View full text Add to dashboard Cite

The Internet's growth in popularity requires computer networks for both agility and resilience. Recently, unable to satisfy the computer needs for traditional networking systems. Software Defined Networking (SDN) is known as a paradigm shift in the networking industry. Many organizations are used SDN due to their efficiency of transmission. Striking the right balance between SDN and legacy switching capabilities will enable successful network scenarios in architecture networks. Therefore, this object grand scenario for a hybrid network where the external perimeter transport device is replaced with an SDN device in the service provider network. With the moving away from older networks to SDN, hybrid SDN includes both legacy and SDN switches. Existing models of SDN have limitations such as overfitting, local optimal trapping, and poor path selection efficiency. This paper proposed a Deep Kronecker Neural Network (DKNN) to improve its efficiency with a moderate optimization method for multipath selection in SDN. Dynamic resource scheduling is used for the reward function the learning performance is improved by the deep reinforcement learning (DRL) technique. The controller for centralised SDN acts as a network brain in the control plane. Among the most important duties network is selected for the best SDN controller. It is vulnerable to invasions and the controller becomes a network bottleneck. This study presents an intrusion detection system (IDS) based on the SDN model that runs as an application module within the controller. Therefore, this study suggested the feature extraction and classification of contractive auto-encoder with a triple attention-based classifier. Additionally, this study leveraged the best performing SDN controllers on which many other SDN controllers are based on OpenDayLight (ODL) provides an open northbound API and supports multiple southbound protocols. Therefore, one of the main issues in the multi-controller placement problem (CPP) that addresses needed in the setting of SDN specifically when different aspects in interruption, ability, authenticity and load distribution are being considered. Introducing the scenario concept, CPP is formulated as a robust optimization problem that considers changes in network status due to power outages, controller’s capacity, load fluctuations and changes in switches demand. Therefore, to improve network performance, it is planned to improve the optimal amount of controller placements by simulated annealing using different topologies the modified Dragonfly optimization algorithm (MDOA).

show abstract

“…One key aspect of defect detection is feature selection (FS), which involves identifying the most relevant and informative features from a large set of available software metrics and attributes 3,30 . FS helps to reduce dimensionality, eliminate irrelevant or redundant features, and improve the performance.…”

Section: Introductionmentioning

confidence: 99%

“…2,29 One key aspect of defect detection is feature selection (FS), which involves identifying the most relevant and informative features from a large set of available software metrics and attributes. 3,30 FS helps to reduce dimensionality, eliminate irrelevant or redundant features, and improve the performance. By focusing on the most discriminative features, the effectiveness of the defect detection process can be enhanced, leading to more accurate identification and resolution of defects.…”

Section: Introductionmentioning

confidence: 99%

Mutation boosted salp swarm optimizer meets rough set theory: A novel approach to software defect detection

Sekaran,

Lawrence

2024

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Software defect detection (SDD) is crucial to ensure the reliability of software systems and identify defects in classification. One of the key challenges in defect detection is to select more informative and relevant features from the vast pool of available software metrics. A novel approach is proposed in this paper that leverages mutation boosted salp swarm optimizer (MBSSO) and Rough Set Theory for feature selection (FS) in SDD. It efficiently explores the search space and incorporates a mutation boosting mechanism to overcome local optima. Rough Set Theory provides a formal framework for analyzing feature relevance and dependency, while MBSSO optimizes the search for the optimal feature subset. The proposed approach involves encoding the feature subsets using binary representation and designing a fitness function. The MBSSO algorithm explores the feature space, iteratively improving the feature subset based on the fitness function. The selected feature subset is then used to train a defect detection model using the Kernel Extreme Learning Machine (KELM) algorithm. The experimental validation is performed by Project Repository for Software Engineering (PROMISE) dataset and compared the performance of proposed approach against other FS methods and baselines. The experimental validation demonstrates that the proposed approach achieves superior performance and selected feature subset improves the accuracy and efficiency. This research contributes to the advancement of SDD by providing an effective and efficient FS technique using MBSSO and Rough Set Theory.

show abstract

A hybrid deep learning model based low‐rate DoS attack detection method for software defined network

Cited by 10 publications

References 47 publications

An Asynchronous Federated Learning Arbitration Model for Low-Rate DDoS Attack Detection

An Asynchronous Federated Learning Arbitration Model for Low-Rate DDoS Attack Detection

Secure Multi-Path Selection with Optimal Controller Placement Using Hybrid Software-Defined Networks with Optimization Algorithm

Mutation boosted salp swarm optimizer meets rough set theory: A novel approach to software defect detection

Contact Info

Product

Resources

About