DDOS attacks detection based on attention-deep learning and local outlier factor

Abstract

One of the most significant security concerns confronting network technology is the detection of distributed denial of service (DDOS). This paper introduces a semi-supervised data-driven approach to the detection of DDOS attacks. The proposed method employs normal events data without labeling to train the detection model. Specifically, this approach introduces an improved autoencoder (AE) model by incorporating a Gated Recurrent Unit (GRU) based on the attention mechanism (AM) at the encoder and decoder sides of the AE model. GRU enhances the AE's ability to learn temporal dependencies, and the AM enables the selection of relevant features. For DDOS attacks detection, the local outlier factor (LOF) anomaly detection algorithm is applied to extracted features from the improved AE model. The performance of the proposed approach has been verified using DDOS publically available datasets.