DAD-MCNN:通过多通道CNN检测DDoS攻击

International Conference on Machine Learning and Computing Pub Date : 2019-02-22 DOI:10.1145/3318299.3318329

Jinyin Chen, Yitao Yang, Keke Hu, Hai-bin Zheng, Zhen Wang

{"title":"DAD-MCNN:通过多通道CNN检测DDoS攻击","authors":"Jinyin Chen, Yitao Yang, Keke Hu, Hai-bin Zheng, Zhen Wang","doi":"10.1145/3318299.3318329","DOIUrl":null,"url":null,"abstract":"With the continuous development of web services, the web security becomes more and more important. Distributed Denial of Service (DDoS) attack as one of the most common form of attacks, has produced serious economic damages. DDoS attack detection as one of main defense methods is suffered increasing attention by researchers. Most of them use machine learning methods to make good detection performance. However, there are still gaps between real detection rate and expected one, conventional machine learning methods are limited compared with deep learning. In this paper, we propose DAD-MCNN, a multi-channel CNN(MC-CNN) based DDoS attack detection framework, which can fully utilize information from a huge amount of network packages and set up an earlier warning system. Our contributions can be summarized as follows: (1) we propose a new preprocessing method for the network dataset. (2) MC-CNN is applied to detect DDoS attack and the detection result is decided by data in respective channels. (3) We use incremental training method to optimize training procedures and time in MC-CNN. (4) The experiment result shows that MC-CNN has the highest accuracy compared with conventional machine learning methods. The result also proves that our approach has performed well not only in DDoS attack detection but also in other anomaly attack detection.","PeriodicalId":164987,"journal":{"name":"International Conference on Machine Learning and Computing","volume":"59 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"25","resultStr":"{\"title\":\"DAD-MCNN: DDoS Attack Detection via Multi-channel CNN\",\"authors\":\"Jinyin Chen, Yitao Yang, Keke Hu, Hai-bin Zheng, Zhen Wang\",\"doi\":\"10.1145/3318299.3318329\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the continuous development of web services, the web security becomes more and more important. Distributed Denial of Service (DDoS) attack as one of the most common form of attacks, has produced serious economic damages. DDoS attack detection as one of main defense methods is suffered increasing attention by researchers. Most of them use machine learning methods to make good detection performance. However, there are still gaps between real detection rate and expected one, conventional machine learning methods are limited compared with deep learning. In this paper, we propose DAD-MCNN, a multi-channel CNN(MC-CNN) based DDoS attack detection framework, which can fully utilize information from a huge amount of network packages and set up an earlier warning system. Our contributions can be summarized as follows: (1) we propose a new preprocessing method for the network dataset. (2) MC-CNN is applied to detect DDoS attack and the detection result is decided by data in respective channels. (3) We use incremental training method to optimize training procedures and time in MC-CNN. (4) The experiment result shows that MC-CNN has the highest accuracy compared with conventional machine learning methods. The result also proves that our approach has performed well not only in DDoS attack detection but also in other anomaly attack detection.\",\"PeriodicalId\":164987,\"journal\":{\"name\":\"International Conference on Machine Learning and Computing\",\"volume\":\"59 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-02-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"25\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Conference on Machine Learning and Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3318299.3318329\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Machine Learning and Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3318299.3318329","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 25

摘要

随着web服务的不断发展，web安全变得越来越重要。分布式拒绝服务(DDoS)攻击作为一种最常见的攻击形式，已经造成了严重的经济损失。DDoS攻击检测作为主要的防御手段之一，越来越受到研究人员的重视。它们大多使用机器学习方法来获得良好的检测性能。然而，实际检测率与预期检测率之间仍然存在差距，传统的机器学习方法与深度学习相比存在局限性。本文提出了一种基于多通道CNN(MC-CNN)的DDoS攻击检测框架DAD-MCNN，该框架可以充分利用大量网络数据包中的信息，并建立早期预警系统。我们的贡献可以概括如下:(1)我们提出了一种新的网络数据集预处理方法。(2)采用MC-CNN对DDoS攻击进行检测，检测结果由各通道数据决定。(3)采用增量训练方法优化MC-CNN的训练过程和时间。(4)实验结果表明，与传统的机器学习方法相比，MC-CNN具有最高的准确率。结果表明，该方法不仅适用于DDoS攻击检测，也适用于其他异常攻击检测。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

DAD-MCNN: DDoS Attack Detection via Multi-channel CNN

With the continuous development of web services, the web security becomes more and more important. Distributed Denial of Service (DDoS) attack as one of the most common form of attacks, has produced serious economic damages. DDoS attack detection as one of main defense methods is suffered increasing attention by researchers. Most of them use machine learning methods to make good detection performance. However, there are still gaps between real detection rate and expected one, conventional machine learning methods are limited compared with deep learning. In this paper, we propose DAD-MCNN, a multi-channel CNN(MC-CNN) based DDoS attack detection framework, which can fully utilize information from a huge amount of network packages and set up an earlier warning system. Our contributions can be summarized as follows: (1) we propose a new preprocessing method for the network dataset. (2) MC-CNN is applied to detect DDoS attack and the detection result is decided by data in respective channels. (3) We use incremental training method to optimize training procedures and time in MC-CNN. (4) The experiment result shows that MC-CNN has the highest accuracy compared with conventional machine learning methods. The result also proves that our approach has performed well not only in DDoS attack detection but also in other anomaly attack detection.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Conference on Machine Learning and Computing

自引率

0.00%

发文量