{"title":"GoGDDoS:基于图神经网络的DDoS攻击多分类器","authors":"Yuzhen Li, Zhou-yu Zhou, Renjie Li, Fengyuan Shi, Jiang Guo, Qingyun Liu","doi":"10.1109/ISCC58397.2023.10218316","DOIUrl":null,"url":null,"abstract":"Distributed Denial of Service (DDoS) attacks are rising, evolving and growing sophistication. Multi-vector which leverages more than one methods is prevalent recently. To cope with multi-vector DDoS attack, it is necessary to classify DDoS attacks for taking robust measures. However, existing ML-based approaches for DDoS traffic multi-classification barely leverage relationships between packets and flows, which are crucial information that can significantly improve multi-classification performance. This paper proposes GoGDDoS, a multi-classifier for DDoS attacks. Concretely, we construct GoG traffic graph to clearly compress relationships between packets and flows. It merges relationship graphs of packets and flows by using graph of graph. Then, we build a two-level Graph Neural Network model to mine potential attack patterns from GoG traffic graph. The experiments with well-known datasets show that GoGDDoS performs better than its counterparts.","PeriodicalId":265337,"journal":{"name":"2023 IEEE Symposium on Computers and Communications (ISCC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-07-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"GoGDDoS: A Multi-Classifier for DDoS Attacks Using Graph Neural Networks\",\"authors\":\"Yuzhen Li, Zhou-yu Zhou, Renjie Li, Fengyuan Shi, Jiang Guo, Qingyun Liu\",\"doi\":\"10.1109/ISCC58397.2023.10218316\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Distributed Denial of Service (DDoS) attacks are rising, evolving and growing sophistication. Multi-vector which leverages more than one methods is prevalent recently. To cope with multi-vector DDoS attack, it is necessary to classify DDoS attacks for taking robust measures. However, existing ML-based approaches for DDoS traffic multi-classification barely leverage relationships between packets and flows, which are crucial information that can significantly improve multi-classification performance. This paper proposes GoGDDoS, a multi-classifier for DDoS attacks. Concretely, we construct GoG traffic graph to clearly compress relationships between packets and flows. It merges relationship graphs of packets and flows by using graph of graph. Then, we build a two-level Graph Neural Network model to mine potential attack patterns from GoG traffic graph. The experiments with well-known datasets show that GoGDDoS performs better than its counterparts.\",\"PeriodicalId\":265337,\"journal\":{\"name\":\"2023 IEEE Symposium on Computers and Communications (ISCC)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-07-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 IEEE Symposium on Computers and Communications (ISCC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISCC58397.2023.10218316\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE Symposium on Computers and Communications (ISCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCC58397.2023.10218316","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
GoGDDoS: A Multi-Classifier for DDoS Attacks Using Graph Neural Networks
Distributed Denial of Service (DDoS) attacks are rising, evolving and growing sophistication. Multi-vector which leverages more than one methods is prevalent recently. To cope with multi-vector DDoS attack, it is necessary to classify DDoS attacks for taking robust measures. However, existing ML-based approaches for DDoS traffic multi-classification barely leverage relationships between packets and flows, which are crucial information that can significantly improve multi-classification performance. This paper proposes GoGDDoS, a multi-classifier for DDoS attacks. Concretely, we construct GoG traffic graph to clearly compress relationships between packets and flows. It merges relationship graphs of packets and flows by using graph of graph. Then, we build a two-level Graph Neural Network model to mine potential attack patterns from GoG traffic graph. The experiments with well-known datasets show that GoGDDoS performs better than its counterparts.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
