期刊文献+
共找到1,551篇文章
< 1 2 78 >
每页显示 20 50 100
IPv6中一种基于卷积的DDoS攻击两阶段防御机制 被引量:1
1
作者 王郁夫 王兴伟 +1 位作者 易波 黄敏 《软件学报》 EI CSCD 北大核心 2024年第5期2522-2542,共21页
针对IPv6快速普及背景下分布式拒绝服务(DDoS)攻击威胁不断增长的现状,提出一种两阶段的DDoS攻击防御机制,包括初期实时监控DDoS攻击发生的预检测阶段,以及告警后精准过滤DDoS攻击流量的深度检测阶段.首先,分析IPv6报文格式并解析PCAP... 针对IPv6快速普及背景下分布式拒绝服务(DDoS)攻击威胁不断增长的现状,提出一种两阶段的DDoS攻击防御机制,包括初期实时监控DDoS攻击发生的预检测阶段,以及告警后精准过滤DDoS攻击流量的深度检测阶段.首先,分析IPv6报文格式并解析PCAP流量捕获文件中的16进制头部字段作为样本元素.其次,在预检测阶段,引入轻量化二值卷积神经网络(BCNN),设计一种二维流量矩阵作为模型输入,整体感知网络在混杂DDoS流量后出现的恶意态势作为告警DDoS发生的证据.告警后,深度检测阶段介入,引入一维卷积神经网络(1DCNN)具体区分混杂的DDoS报文,从而下发阻断策略.在实验中,自建IPv6-LAN拓扑并基于NAT 4to6技术重放CIC-DDoS2019公开集生成纯IPv6-DDoS流量源测试.结果证明,所提机制提升针对DDoS攻击的响应速度、准确度和攻击流量过滤效率,当DDoS流量出现仅占总网络6%和10%时,BCNN就能以90.9%和96.4%的准确度感知到DDoS攻击的发生,同时1DCNN能够以99.4%准确率区分DDoS报文并过滤. 展开更多
关键词 ddos防御 两阶段 ddos攻击监控 ddos流量过滤 BCNN和1DCNN IPV6
下载PDF
入侵意图分析下的软件定义网络DDoS攻击检测方法 被引量:2
2
作者 徐涌霞 《成都工业学院学报》 2024年第1期64-68,81,共6页
为在数据样本回溯期内解决因本地信息熵值增大而造成的服务攻击问题,维护软件定义网络的运行安全性,提出入侵意图分析下的软件定义网络分布式拒绝服务(DDoS)攻击检测方法。按照软件定义网络场景重构原则,确定因果网转换标准,实现对识别... 为在数据样本回溯期内解决因本地信息熵值增大而造成的服务攻击问题,维护软件定义网络的运行安全性,提出入侵意图分析下的软件定义网络分布式拒绝服务(DDoS)攻击检测方法。按照软件定义网络场景重构原则,确定因果网转换标准,实现对识别参数的更新处理,完成攻击性行为的入侵意图分析,再定义DDoS数据集,根据攻击行为的时空特性,求解模型参数的取值范围,完成入侵意图分析下软件定义网络DDoS攻击检测方法的设计。实验结果表明,在该算法控制下数据样本回溯期为10 min,低于传统算法,能够较好维护软件定义网络的运行安全性。 展开更多
关键词 软件定义网络 ddos攻击 样本回溯期 本地信息熵 时空特性
下载PDF
基于时空图神经网络的应用层DDoS攻击检测方法
3
作者 王健 陈琳 +1 位作者 王凯崙 刘吉强 《信息网络安全》 CSCD 北大核心 2024年第4期509-519,共11页
分布式拒绝服务(Distributed Denial of Service,DDoS)攻击已经成为网络安全的主要威胁之一,其中应用层DDoS攻击是主要的攻击手段。应用层DDoS攻击是针对具体应用服务的攻击,其在网络层行为表现正常,传统安全设备无法有效抵御。同时,现... 分布式拒绝服务(Distributed Denial of Service,DDoS)攻击已经成为网络安全的主要威胁之一,其中应用层DDoS攻击是主要的攻击手段。应用层DDoS攻击是针对具体应用服务的攻击,其在网络层行为表现正常,传统安全设备无法有效抵御。同时,现有的针对应用层DDoS攻击的检测方法检测能力不足,难以适应攻击模式的变化。为此,文章提出一种基于时空图神经网络(Spatio-Temporal Graph Neural Network,STGNN)的应用层DDoS攻击检测方法,利用应用层服务的特征,从应用层数据和应用层协议交互信息出发,引入注意力机制并结合多个GraphSAGE层,学习不同时间窗口下的实体交互模式,进而计算检测流量与正常流量的偏差,完成攻击检测。该方法仅利用时间、源IP、目的IP、通信频率、平均数据包大小5维数据便可有效识别应用层DDoS攻击。由实验结果可知,该方法在攻击样本数量较少的情况下,与对比方法相比可获得较高的Recall和F1分数。 展开更多
关键词 ddos攻击 时空图神经网络 异常检测 注意力机制
下载PDF
基于流量特征重构与映射的物联网DDoS攻击单流检测方法
4
作者 谢丽霞 袁冰迪 +3 位作者 杨宏宇 胡泽 成翔 张良 《电信科学》 北大核心 2024年第1期92-105,共14页
针对现有检测方法对物联网(IoT)分布式拒绝服务(DDoS)攻击响应速度慢、特征差异性低、检测性能差等不足,提出了一种基于流量特征重构与映射的单流检测方法(SFDTFRM)。首先,为扩充特征,使用队列按照先入先出存储定长时间跨度内接收的流量... 针对现有检测方法对物联网(IoT)分布式拒绝服务(DDoS)攻击响应速度慢、特征差异性低、检测性能差等不足,提出了一种基于流量特征重构与映射的单流检测方法(SFDTFRM)。首先,为扩充特征,使用队列按照先入先出存储定长时间跨度内接收的流量,得到队列特征矩阵。其次,针对物联网设备正常通信流量与DDoS攻击流量存在相似性的问题,提出一种与基线模型相比更加轻量化的多维重构神经网络模型与一种函数映射方法,改进模型损失函数按照相应索引重构队列定量特征矩阵,并通过函数映射方法转化为映射特征矩阵,增强包括物联网设备正常通信流量与DDoS攻击流量在内的不同类型流量之间的差异和同类型流量的相似性。最后,使用文本卷积网络、信息熵计算分别提取映射特征矩阵和队列定性特征矩阵的频率信息,得到拼接向量,丰富单条流量的特征信息并使用机器学习分类器进行DDoS攻击流量检测。在两个基准数据集上的实验结果表明,SFDTFRM能够有效检测不同类型的DDoS攻击,检测性能指标平均值与现有方法相比最多提升12.01%。 展开更多
关键词 ddos攻击检测 多维重构 函数映射 机器学习
下载PDF
基于人工智能的物联网DDoS攻击检测
5
作者 印杰 陈浦 +2 位作者 杨桂年 谢文伟 梁广俊 《信息网络安全》 CSCD 北大核心 2024年第11期1615-1623,共9页
针对物联网DDoS攻击检测最优解问题,文章采用多种算法对物联网DDoS攻击进行检测和建模分类,运用核密度估计筛选出有影响的流量特征字段,建立基于机器学习和深度学习算法的DDoS攻击检测模型,分析了通过可逆残差神经网络和大语言模型处理... 针对物联网DDoS攻击检测最优解问题,文章采用多种算法对物联网DDoS攻击进行检测和建模分类,运用核密度估计筛选出有影响的流量特征字段,建立基于机器学习和深度学习算法的DDoS攻击检测模型,分析了通过可逆残差神经网络和大语言模型处理数据集并进行攻击检测的可行性。实验结果表明,ResNet50算法在综合指标上表现最好;在区分DDoS攻击流量和其他流量问题上,梯度提升类算法表现更优秀;在细分DDoS攻击类型方面,经过优化的ResNet50-GRU算法表现更好。 展开更多
关键词 物联网 ddos攻击 机器学习 深度学习算法 残差神经网络
下载PDF
基于多模态神经网络流量特征的网络应用层DDoS攻击检测方法
6
作者 王小宇 贺鸿鹏 +1 位作者 马成龙 陈欢颐 《沈阳农业大学学报》 CAS CSCD 北大核心 2024年第3期354-362,共9页
农业设备、传感器和监控系统与网络的连接日益紧密,给农村配电网带来了新的网络安全挑战。其中,分布式拒绝服务(DDoS)攻击是一种常见的网络威胁,对农村配电网的安全性构成了严重威胁。针对农村配电网的特殊需求,提出一种基于多模态神经... 农业设备、传感器和监控系统与网络的连接日益紧密,给农村配电网带来了新的网络安全挑战。其中,分布式拒绝服务(DDoS)攻击是一种常见的网络威胁,对农村配电网的安全性构成了严重威胁。针对农村配电网的特殊需求,提出一种基于多模态神经网络流量特征的网络应用层DDoS攻击检测方法。通过制定网络应用层流量数据包捕获流程并构建多模态神经网络模型,成功提取并分析了网络应用层DDoS攻击流量的特征。在加载DDoS攻击背景下的异常流量特征后,计算相关系数并设计相应的DDoS攻击检测规则,以实现对DDoS攻击的有效检测。经试验分析,所提出的方法在提取DDoS攻击相关特征上表现出色,最大提取完整度可达95%,效果明显优于对比试验中基于EEMD-LSTM的检测方法和基于条件熵与决策树的检测方法。 展开更多
关键词 农村配电网 流量特征提取 ddos攻击 网络应用层 多模态神经网络 攻击行为检测
下载PDF
Unknown DDoS Attack Detection with Fuzzy C-Means Clustering and Spatial Location Constraint Prototype Loss
7
作者 Thanh-Lam Nguyen HaoKao +2 位作者 Thanh-Tuan Nguyen Mong-Fong Horng Chin-Shiuh Shieh 《Computers, Materials & Continua》 SCIE EI 2024年第2期2181-2205,共25页
Since its inception,the Internet has been rapidly evolving.With the advancement of science and technology and the explosive growth of the population,the demand for the Internet has been on the rise.Many applications i... Since its inception,the Internet has been rapidly evolving.With the advancement of science and technology and the explosive growth of the population,the demand for the Internet has been on the rise.Many applications in education,healthcare,entertainment,science,and more are being increasingly deployed based on the internet.Concurrently,malicious threats on the internet are on the rise as well.Distributed Denial of Service(DDoS)attacks are among the most common and dangerous threats on the internet today.The scale and complexity of DDoS attacks are constantly growing.Intrusion Detection Systems(IDS)have been deployed and have demonstrated their effectiveness in defense against those threats.In addition,the research of Machine Learning(ML)and Deep Learning(DL)in IDS has gained effective results and significant attention.However,one of the challenges when applying ML and DL techniques in intrusion detection is the identification of unknown attacks.These attacks,which are not encountered during the system’s training,can lead to misclassification with significant errors.In this research,we focused on addressing the issue of Unknown Attack Detection,combining two methods:Spatial Location Constraint Prototype Loss(SLCPL)and Fuzzy C-Means(FCM).With the proposed method,we achieved promising results compared to traditional methods.The proposed method demonstrates a very high accuracy of up to 99.8%with a low false positive rate for known attacks on the Intrusion Detection Evaluation Dataset(CICIDS2017)dataset.Particularly,the accuracy is also very high,reaching 99.7%,and the precision goes up to 99.9%for unknown DDoS attacks on the DDoS Evaluation Dataset(CICDDoS2019)dataset.The success of the proposed method is due to the combination of SLCPL,an advanced Open-Set Recognition(OSR)technique,and FCM,a traditional yet highly applicable clustering technique.This has yielded a novel method in the field of unknown attack detection.This further expands the trend of applying DL and ML techniques in the development of intrusion detection systems and cybersecurity.Finally,implementing the proposed method in real-world systems can enhance the security capabilities against increasingly complex threats on computer networks. 展开更多
关键词 CYBERSECURITY ddos unknown attack detection machine learning deep learning incremental learning convolutional neural networks(CNN) open-set recognition(OSR) spatial location constraint prototype loss fuzzy c-means CICIDS2017 CICddos2019
下载PDF
基于深度学习和集成学习的DDoS攻击检测方法
8
作者 葛浩伟 杨启航 石乐义 《现代电子技术》 北大核心 2024年第3期63-67,共5页
针对DDoS攻击检测问题,提出一种深度集成学习算法,可以有效检测DDoS攻击并解决分类不平衡问题。该算法使用一种类权重投票算法并由若干深度学习子模型组成,子模型采用1D-CNN和BILSTM提高模型时序提取性能,并利用2D-CNN提取空间特征,综... 针对DDoS攻击检测问题,提出一种深度集成学习算法,可以有效检测DDoS攻击并解决分类不平衡问题。该算法使用一种类权重投票算法并由若干深度学习子模型组成,子模型采用1D-CNN和BILSTM提高模型时序提取性能,并利用2D-CNN提取空间特征,综合捕捉了样本的时空特性。在数据处理方面,通过对实验数据流量基于IP等特征进行分段,并将其转换为灰度图像,增强了模型对时空特征的感知能力,同时避免了传统手动特征提取可能引起的数据缺失问题。实验结果表明,该方法在多分类问题上达到了99.63%的准确率,可以准确检测DDoS攻击流量。 展开更多
关键词 CNN LSTM ddos 集成学习 深度学习 灰度图
下载PDF
基于节点路径重构和ELM的无线通信网络DDoS攻击源追踪
9
作者 方欲晓 何可人 《现代电子技术》 北大核心 2024年第13期93-96,共4页
在无线通信网络中,DDoS攻击通常涉及大量的攻击者和恶意节点,并以多种形式发起攻击。攻击流量经过中间节点和反射/放大攻击等技术手段后变得更加复杂,追踪其溯源路径和确定唯一的攻击源变得复杂。为此,文中研究基于节点路径重构和ELM的... 在无线通信网络中,DDoS攻击通常涉及大量的攻击者和恶意节点,并以多种形式发起攻击。攻击流量经过中间节点和反射/放大攻击等技术手段后变得更加复杂,追踪其溯源路径和确定唯一的攻击源变得复杂。为此,文中研究基于节点路径重构和ELM的无线通信网络DDoS攻击源追踪方法。通过正则化方式优化ELM的参数,检测获取DDoS攻击数据包;采用路由器标记算法标记DDoS攻击数据包,在无线通信网络域间重构攻击节点路径,获取DDoS攻击源位置,完成无线通信网络DDoS攻击源追踪。实验结果证明:文中方法可精准检测获取DDoS攻击数据包,并完成攻击数据包的标记,且可有效重构攻击节点路径,追踪到DDoS攻击源。 展开更多
关键词 节点路径重构 ELM 无线通信网络 ddos攻击源 正则化 攻击数据包 路由器标记 自治系统
下载PDF
基于Stacking的DDoS攻击检测方法
10
作者 付国庆 李俭兵 高雨薇 《计算机应用与软件》 北大核心 2024年第3期321-327,共7页
近年来DDoS攻击检测多采用机器学习的方法,Stacking便是其一,现阶段Stacking初级学习器的配置方法多为固定搭配,但由于DDoS攻击的复杂性和动态性,静态的配置策略显得灵活性较差。对此提出QGA-Stacking算法,即利用量子遗传算法(QGA)动态... 近年来DDoS攻击检测多采用机器学习的方法,Stacking便是其一,现阶段Stacking初级学习器的配置方法多为固定搭配,但由于DDoS攻击的复杂性和动态性,静态的配置策略显得灵活性较差。对此提出QGA-Stacking算法,即利用量子遗传算法(QGA)动态地选取Stacking中评价指标最高的一组学习器组合,从而提高检测模型的准确性和灵活性;提出一组最佳特征集来节省计算成本。经过实验对比,充分证明了QGA-Stacking算法相较于其他3种主流算法,其检测性能更加显著,最佳特征集的选取也较为合理。 展开更多
关键词 网络空间安全 ddos攻击检测 集成学习 STACKING 量子遗传算法
下载PDF
基于轻量级卷积神经网络的DDoS攻击检测研究
11
作者 叶彩瑞 徐华 邓在辉 《软件导刊》 2024年第3期8-14,共7页
分布式拒绝服务攻击(DDoS)可以攻击、侵入、破坏物联网设备。在COVID-19期间,将大量物联网终端设备用于疫情防控加速了信息交换频率,但过于简单的网络安全防御方式也让网络安全问题成为热议话题。深度学习(DL)已被广泛应用于网络安全领... 分布式拒绝服务攻击(DDoS)可以攻击、侵入、破坏物联网设备。在COVID-19期间,将大量物联网终端设备用于疫情防控加速了信息交换频率,但过于简单的网络安全防御方式也让网络安全问题成为热议话题。深度学习(DL)已被广泛应用于网络安全领域,用于检测和应对各类安全等级较低的网络环境。针对具备简单结构的智能终端,传统DL模型对计算和内存资源的需求较高,在应对大量流量攻击时,往往需要额外的运行成本。提出一种基于自注意力机制与轻量级卷积神经网络(Self-attention-LCNN)的模型,通过以流为单位,对特定时间段内的数据包提取特征,用于检测和预防复杂网络环境中针对智能终端的DDoS攻击。Self-attention-LCNN模型在CICDDos2019数据集上的准确率为99.21%,将模型部署在树莓派上得到的平均检测率为93%,说明Self-attention-LCNN模型在资源受限的智能终端攻击检测方面具有良好的识别效果。 展开更多
关键词 ddos 攻击检测 卷积神经网络 轻量级 自注意力机制 智能终端
下载PDF
基于动态阈值的可变速率DDoS攻击检测方法
12
作者 孙佳奇 谭小波 +1 位作者 郭浩然 张忠良 《沈阳工程学院学报(自然科学版)》 2024年第1期48-54,61,共8页
针对可变速率DDoS攻击检测难的问题,提出了一种基于动态阈值的可变速率DDoS攻击检测方法。该方法根据DDoS攻击流量特征,生成动态阈值,并应用冻结机制防止动态阈值参数被攻击流量污染,同时结合网络流的特征,使用BiLSTM模型双向学习经过... 针对可变速率DDoS攻击检测难的问题,提出了一种基于动态阈值的可变速率DDoS攻击检测方法。该方法根据DDoS攻击流量特征,生成动态阈值,并应用冻结机制防止动态阈值参数被攻击流量污染,同时结合网络流的特征,使用BiLSTM模型双向学习经过时间分割的网络流量,提取更多特征,识别可变速率DDoS攻击。在NSL-KDD数据集上进行实验,召回率达到98%,精度达到95%。实验表明:相比于固定阈值DDoS和传统动态阈值DDoS攻击检测方法,本文提出的方法在检测精度上有所提升,对DDoS攻击的检测能力有了显著提高。 展开更多
关键词 ddos攻击检测 动态阈值 冻结机制 双向长短时记忆网络
下载PDF
基于多尺度卷积神经网络的DDoS攻击检测方法
13
作者 李春辉 王小英 +3 位作者 张庆洁 刘翰卓 梁嘉烨 高宁康 《电脑与电信》 2024年第6期35-39,共5页
近年来,网络安全面临着日益严峻的挑战,其中分布式拒绝服务(DDoS)攻击是网络威胁中的一种常见形式。为了应对这一挑战,提出了一种基于多尺度卷积神经网络(MSCNN)的DDoS攻击检测方法。在CICDDoS2019day1数据集训练模型,CICDDoS2019day2... 近年来,网络安全面临着日益严峻的挑战,其中分布式拒绝服务(DDoS)攻击是网络威胁中的一种常见形式。为了应对这一挑战,提出了一种基于多尺度卷积神经网络(MSCNN)的DDoS攻击检测方法。在CICDDoS2019day1数据集训练模型,CICDDoS2019day2数据集测试模型检测性能。通过利用MSCNN对网络流量进行预测和分类,能够有效识别DDoS攻击并减少误报率。实验表明,MSCNN方法在准确性、召回率、F1得分性能指标上优于SVM、DNN、CNN、LSTM和GRU。 展开更多
关键词 ddos攻击 多尺度卷积神经网络 网络安全 深度学习
下载PDF
Cybernet Model:A New Deep Learning Model for Cyber DDoS Attacks Detection and Recognition
14
作者 Azar Abid Salih Maiwan Bahjat Abdulrazaq 《Computers, Materials & Continua》 SCIE EI 2024年第1期1275-1295,共21页
Cyberspace is extremely dynamic,with new attacks arising daily.Protecting cybersecurity controls is vital for network security.Deep Learning(DL)models find widespread use across various fields,with cybersecurity being... Cyberspace is extremely dynamic,with new attacks arising daily.Protecting cybersecurity controls is vital for network security.Deep Learning(DL)models find widespread use across various fields,with cybersecurity being one of the most crucial due to their rapid cyberattack detection capabilities on networks and hosts.The capabilities of DL in feature learning and analyzing extensive data volumes lead to the recognition of network traffic patterns.This study presents novel lightweight DL models,known as Cybernet models,for the detection and recognition of various cyber Distributed Denial of Service(DDoS)attacks.These models were constructed to have a reasonable number of learnable parameters,i.e.,less than 225,000,hence the name“lightweight.”This not only helps reduce the number of computations required but also results in faster training and inference times.Additionally,these models were designed to extract features in parallel from 1D Convolutional Neural Networks(CNN)and Long Short-Term Memory(LSTM),which makes them unique compared to earlier existing architectures and results in better performance measures.To validate their robustness and effectiveness,they were tested on the CIC-DDoS2019 dataset,which is an imbalanced and large dataset that contains different types of DDoS attacks.Experimental results revealed that bothmodels yielded promising results,with 99.99% for the detectionmodel and 99.76% for the recognition model in terms of accuracy,precision,recall,and F1 score.Furthermore,they outperformed the existing state-of-the-art models proposed for the same task.Thus,the proposed models can be used in cyber security research domains to successfully identify different types of attacks with a high detection and recognition rate. 展开更多
关键词 Deep learning CNN LSTM Cybernet model ddos recognition
下载PDF
IGED:Towards Intelligent DDoS Detection Model Using Improved Generalized Entropy and DNN
15
作者 Yanhua Liu Yuting Han +3 位作者 HuiChen Baokang Zhao XiaofengWang Ximeng Liu 《Computers, Materials & Continua》 SCIE EI 2024年第8期1851-1866,共16页
As the scale of the networks continually expands,the detection of distributed denial of service(DDoS)attacks has become increasingly vital.We propose an intelligent detection model named IGED by using improved general... As the scale of the networks continually expands,the detection of distributed denial of service(DDoS)attacks has become increasingly vital.We propose an intelligent detection model named IGED by using improved generalized entropy and deep neural network(DNN).The initial detection is based on improved generalized entropy to filter out as much normal traffic as possible,thereby reducing data volume.Then the fine detection is based on DNN to perform precise DDoS detection on the filtered suspicious traffic,enhancing the neural network’s generalization capabilities.Experimental results show that the proposed method can efficiently distinguish normal traffic from DDoS traffic.Compared with the benchmark methods,our method reaches 99.9%on low-rate DDoS(LDDoS),flooded DDoS and CICDDoS2019 datasets in terms of both accuracy and efficiency in identifying attack flows while reducing the time by 17%,31%and 8%. 展开更多
关键词 ddos REAL-TIME improved generalized entropy DNN
下载PDF
Explainable AI-Based DDoS Attacks Classification Using Deep Transfer Learning
16
作者 Ahmad Alzu’bi Amjad Albashayreh +1 位作者 Abdelrahman Abuarqoub Mai A.M.Alfawair 《Computers, Materials & Continua》 SCIE EI 2024年第9期3785-3802,共18页
In the era of the Internet of Things(IoT),the proliferation of connected devices has raised security concerns,increasing the risk of intrusions into diverse systems.Despite the convenience and efficiency offered by Io... In the era of the Internet of Things(IoT),the proliferation of connected devices has raised security concerns,increasing the risk of intrusions into diverse systems.Despite the convenience and efficiency offered by IoT technology,the growing number of IoT devices escalates the likelihood of attacks,emphasizing the need for robust security tools to automatically detect and explain threats.This paper introduces a deep learning methodology for detecting and classifying distributed denial of service(DDoS)attacks,addressing a significant security concern within IoT environments.An effective procedure of deep transfer learning is applied to utilize deep learning backbones,which is then evaluated on two benchmarking datasets of DDoS attacks in terms of accuracy and time complexity.By leveraging several deep architectures,the study conducts thorough binary and multiclass experiments,each varying in the complexity of classifying attack types and demonstrating real-world scenarios.Additionally,this study employs an explainable artificial intelligence(XAI)AI technique to elucidate the contribution of extracted features in the process of attack detection.The experimental results demonstrate the effectiveness of the proposed method,achieving a recall of 99.39%by the XAI bidirectional long short-term memory(XAI-BiLSTM)model. 展开更多
关键词 ddos attack classification deep learning explainable AI CYBERSECURITY
下载PDF
Detection of Real-Time Distributed Denial-of-Service (DDoS) Attacks on Internet of Things (IoT) Networks Using Machine Learning Algorithms
17
作者 Zaed Mahdi Nada Abdalhussien +1 位作者 Naba Mahmood Rana Zaki 《Computers, Materials & Continua》 SCIE EI 2024年第8期2139-2159,共21页
The primary concern of modern technology is cyber attacks targeting the Internet of Things.As it is one of the most widely used networks today and vulnerable to attacks.Real-time threats pose with modern cyber attacks... The primary concern of modern technology is cyber attacks targeting the Internet of Things.As it is one of the most widely used networks today and vulnerable to attacks.Real-time threats pose with modern cyber attacks that pose a great danger to the Internet of Things(IoT)networks,as devices can be monitored or service isolated from them and affect users in one way or another.Securing Internet of Things networks is an important matter,as it requires the use of modern technologies and methods,and real and up-to-date data to design and train systems to keep pace with the modernity that attackers use to confront these attacks.One of the most common types of attacks against IoT devices is Distributed Denial-of-Service(DDoS)attacks.Our paper makes a unique contribution that differs from existing studies,in that we use recent data that contains real traffic and real attacks on IoT networks.And a hybrid method for selecting relevant features,And also how to choose highly efficient algorithms.What gives the model a high ability to detect distributed denial-of-service attacks.the model proposed is based on a two-stage process:selecting essential features and constructing a detection model using the K-neighbors algorithm with two classifier algorithms logistic regression and Stochastic Gradient Descent classifier(SGD),combining these classifiers through ensemble machine learning(stacking),and optimizing parameters through Grid Search-CV to enhance system accuracy.Experiments were conducted to evaluate the effectiveness of the proposed model using the CIC-IoT2023 and CIC-DDoS2019 datasets.Performance evaluation demonstrated the potential of our model in robust intrusion detection in IoT networks,achieving an accuracy of 99.965%and a detection time of 0.20 s for the CIC-IoT2023 dataset,and 99.968%accuracy with a detection time of 0.23 s for the CIC-DDoS 2019 dataset.Furthermore,a comparative analysis with recent related works highlighted the superiority of our methodology in intrusion detection,showing improvements in accuracy,recall,and detection time. 展开更多
关键词 ddos Service NETWORKS
下载PDF
Machine Learning Enabled Novel Real-Time IoT Targeted DoS/DDoS Cyber Attack Detection System
18
作者 Abdullah Alabdulatif Navod Neranjan Thilakarathne Mohamed Aashiq 《Computers, Materials & Continua》 SCIE EI 2024年第9期3655-3683,共29页
The increasing prevalence of Internet of Things(IoT)devices has introduced a new phase of connectivity in recent years and,concurrently,has opened the floodgates for growing cyber threats.Among the myriad of potential... The increasing prevalence of Internet of Things(IoT)devices has introduced a new phase of connectivity in recent years and,concurrently,has opened the floodgates for growing cyber threats.Among the myriad of potential attacks,Denial of Service(DoS)attacks and Distributed Denial of Service(DDoS)attacks remain a dominant concern due to their capability to render services inoperable by overwhelming systems with an influx of traffic.As IoT devices often lack the inherent security measures found in more mature computing platforms,the need for robust DoS/DDoS detection systems tailored to IoT is paramount for the sustainable development of every domain that IoT serves.In this study,we investigate the effectiveness of three machine learning(ML)algorithms:extreme gradient boosting(XGB),multilayer perceptron(MLP)and random forest(RF),for the detection of IoTtargeted DoS/DDoS attacks and three feature engineering methods that have not been used in the existing stateof-the-art,and then employed the best performing algorithm to design a prototype of a novel real-time system towards detection of such DoS/DDoS attacks.The CICIoT2023 dataset was derived from the latest real-world IoT traffic,incorporates both benign and malicious network traffic patterns and after data preprocessing and feature engineering,the data was fed into our models for both training and validation,where findings suggest that while all threemodels exhibit commendable accuracy in detectingDoS/DDoS attacks,the use of particle swarmoptimization(PSO)for feature selection has made great improvements in the performance(accuracy,precsion recall and F1-score of 99.93%for XGB)of the ML models and their execution time(491.023 sceonds for XGB)compared to recursive feature elimination(RFE)and randomforest feature importance(RFI)methods.The proposed real-time system for DoS/DDoS attack detection entails the implementation of an platform capable of effectively processing and analyzing network traffic in real-time.This involvesemploying the best-performing ML algorithmfor detection and the integration of warning mechanisms.We believe this approach will significantly enhance the field of security research and continue to refine it based on future insights and developments. 展开更多
关键词 Machine learning Internet of Things(IoT) DoS ddos CYBERSECURITY intrusion prevention network security feature optimization sustainability
下载PDF
Enhanced DDoS Detection Using Advanced Machine Learning and Ensemble Techniques in Software Defined Networking
19
作者 Hira Akhtar Butt Khoula Said Al Harthy +3 位作者 Mumtaz Ali Shah Mudassar Hussain Rashid Amin Mujeeb Ur Rehman 《Computers, Materials & Continua》 SCIE EI 2024年第11期3003-3031,共29页
Detecting sophisticated cyberattacks,mainly Distributed Denial of Service(DDoS)attacks,with unexpected patterns remains challenging in modern networks.Traditional detection systems often struggle to mitigate such atta... Detecting sophisticated cyberattacks,mainly Distributed Denial of Service(DDoS)attacks,with unexpected patterns remains challenging in modern networks.Traditional detection systems often struggle to mitigate such attacks in conventional and software-defined networking(SDN)environments.While Machine Learning(ML)models can distinguish between benign and malicious traffic,their limited feature scope hinders the detection of new zero-day or low-rate DDoS attacks requiring frequent retraining.In this paper,we propose a novel DDoS detection framework that combines Machine Learning(ML)and Ensemble Learning(EL)techniques to improve DDoS attack detection and mitigation in SDN environments.Our model leverages the“DDoS SDN”dataset for training and evaluation and employs a dynamic feature selection mechanism that enhances detection accuracy by focusing on the most relevant features.This adaptive approach addresses the limitations of conventional ML models and provides more accurate detection of various DDoS attack scenarios.Our proposed ensemble model introduces an additional layer of detection,increasing reliability through the innovative application of ensemble techniques.The proposed solution significantly enhances the model’s ability to identify and respond to dynamic threats in SDNs.It provides a strong foundation for proactive DDoS detection and mitigation,enhancing network defenses against evolving threats.Our comprehensive runtime analysis of Simultaneous Multi-Threading(SMT)on identical configurations shows superior accuracy and efficiency,with significantly reduced computational time,making it ideal for real-time DDoS detection in dynamic,rapidly changing SDNs.Experimental results demonstrate that our model achieves outstanding performance,outperforming traditional algorithms with 99%accuracy using Random Forest(RF)and K-Nearest Neighbors(KNN)and 98%accuracy using XGBoost. 展开更多
关键词 Table 1(continued)OSI layer Possible ddos attack Data link MAC Address Flooding Physical Cable disconnection JaMMING physical impersonation
下载PDF
基于深度学习与开集识别技术的对抗式DDoS攻击检测技术
20
作者 吴志祥 刘莉丹 高博 《邮电设计技术》 2024年第8期18-23,共6页
网络已成为现代生活不可或缺的一部分,但也面临着诸多的安全风险,特别是分布式拒绝服务(DDoS)攻击。利用人工智能(AI)技术可应对DDoS攻击带来的挑战。基于CNN-Geo和CycleGAN技术,提出一种包含一个增量学习模块的防御模型,该增量学习模... 网络已成为现代生活不可或缺的一部分,但也面临着诸多的安全风险,特别是分布式拒绝服务(DDoS)攻击。利用人工智能(AI)技术可应对DDoS攻击带来的挑战。基于CNN-Geo和CycleGAN技术,提出一种包含一个增量学习模块的防御模型,该增量学习模块能够训练未知流量并不断提高模型的防御能力。该模型可以识别偏离学习分布的未知攻击,评估结果表明其准确度超过98.16%,增强了对现实场景中不断演变的DDoS攻击策略的检测和防御能力。 展开更多
关键词 ddos AI 开放集识别 CNN-Geo CycleGAN 增量学习
下载PDF
上一页 1 2 78 下一页 到第
使用帮助 返回顶部