Deep Learning-based DDoS Detection in Network Traffic Data

Abstract

In today's society, the cloud is essential for communication since it allows access to important information anytime and anywhere. However, cloud services also attract hackers who want to exploit online details. This has caused significant changes in the cyber-attack landscape. Distributed Denial of Service (DDoS) is the most common attack. Traditional tools like firewalls and encryption can mitigate these risks, but new models are needed to cope with the changing nature of cyber-attacks. Detecting DDoS attacks is particularly challenging since network traffic data is complex and often contains unnecessary features. To address this, a new approach is proposed using Denoising AutoEncoder (DAE) and a Convolutional Neural Network (CNN) for feature selection and classification. The NSL-KDD dataset is used to evaluate the performance of this new model with three main steps: Data Pre- processing, Hyper-parameter Optimization, and Classification. Our method performed better in all four metrics, such as Accuracy, Recall, Precision, and F1-score, with rates of 97.7, 98.1, 97.7, and 97.8, respectively. The multiclass classification detection rate for DOS was 100%. Similarly, the detection rates for Probe, R2L, and U2R were 98%, 95%, and 80%, respectively. Python version 3.6 with Keras 2.2.4 and TensorFlow Engine was used in this paper.