Enhanced Network Defense: Optimized Multi-Layer Ensemble for DDoS Attack Detection

DOI:

https://doi.org/10.52756/ijerr.2024.v46.020

Keywords:

DDoS, XGBoost, AdaBoost, RF, SVM, CNN, LSTM, CICDDoS2019

Abstract

In today's digitally connected world, Distributed Denial of Service (DDoS) attacks remain a formidable challenge, undermining the stability of network infrastructures and demanding robust detection strategies. This research explores advanced methodologies for DDoS detection by conducting a comparative analysis of machine learning and deep learning approaches using the CICDDoS2019 dataset. Initially, a hybrid machine learning framework is implemented, integrating K-Means clustering for pre-labeling the dataset and employing supervised models such as Random Forest (RF), Extreme Gradient Boosting (XGBoost), Adaptive Boosting (AdaBoost), Support Vector Machine (SVM), and Artificial Neural Network (ANN). This approach achieves an accuracy of 99.46%, showcasing its effectiveness while highlighting challenges like manual feature selection and limited scalability for complex datasets. A novel hybrid deep learning architecture is proposed to overcome these challenges, combining Convolutional Neural Networks (CNN) for spatial feature extraction and Long Short-Term Memory (LSTM) networks for temporal sequence learning. This automated feature extraction mechanism eliminates reliance on manual intervention, ensuring adaptability to evolving attack patterns. The proposed CNN-LSTM model demonstrates an impressive accuracy of 99.84%, significantly outperforming traditional machine learning models. Additionally, the model's adaptability and resilience against dynamic attack behaviours position it as a reliable solution for real-time DDoS mitigation. This study emphasizes the growing relevance of deep learning techniques in enhancing cyber security and underscores the potential of hybrid architectures in effectively detecting and mitigating modern cyber threats. The findings provide valuable insights into developing scalable, high-performance systems capable of addressing the ever-evolving nature of DDoS attacks.

Published

2024-12-30

How to Cite

Rajput, D. S., & Upadhyay, A. K. (2024). Enhanced Network Defense: Optimized Multi-Layer Ensemble for DDoS Attack Detection. International Journal of Experimental Research and Review, 46, 253–272. https://doi.org/10.52756/ijerr.2024.v46.020

Section

Articles