Firas Mohammed Aswad, Ali Ahmed, N. A. M. Alhammadi, Bashar Ahmad Khalaf, S. Mostafa
{"title":"物联网网络分布式拒绝服务攻击检测方法中的深度学习","authors":"Firas Mohammed Aswad, Ali Ahmed, N. A. M. Alhammadi, Bashar Ahmad Khalaf, S. Mostafa","doi":"10.1515/jisys-2022-0155","DOIUrl":null,"url":null,"abstract":"Abstract With the rapid growth of informatics systems’ technology in this modern age, the Internet of Things (IoT) has become more valuable and vital to everyday life in many ways. IoT applications are now more popular than they used to be due to the availability of many gadgets that work as IoT enablers, including smartwatches, smartphones, security cameras, and smart sensors. However, the insecure nature of IoT devices has led to several difficulties, one of which is distributed denial-of-service (DDoS) attacks. IoT systems have several security limitations due to their disreputability characteristics, like dynamic communication between IoT devices. The dynamic communications resulted from the limited resources of these devices, such as their data storage and processing units. Recently, many attempts have been made to develop intelligent models to protect IoT networks against DDoS attacks. The main ongoing research issue is developing a model capable of protecting the network from DDoS attacks that is sensitive to various classes of DDoS and can recognize legitimate traffic to avoid false alarms. Subsequently, this study proposes combining three deep learning algorithms, namely recurrent neural network (RNN), long short-term memory (LSTM)-RNN, and convolutional neural network (CNN), to build a bidirectional CNN-BiLSTM DDoS detection model. The RNN, CNN, LSTM, and CNN-BiLSTM are implemented and tested to determine the most effective model against DDoS attacks that can accurately detect and distinguish DDoS from legitimate traffic. The intrusion detection evaluation dataset (CICIDS2017) is used to provide more realistic detection. The CICIDS2017 dataset includes benign and up-to-date examples of typical attacks, closely matching real-world data of Packet Capture. The four models are tested and assessed using Confusion Metrix against four commonly used criteria: accuracy, precision, recall, and F-measure. The performance of the models is quite effective as they obtain an accuracy rate of around 99.00%, except for the CNN model, which achieves an accuracy of 98.82%. The CNN-BiLSTM achieves the best accuracy of 99.76% and precision of 98.90%.","PeriodicalId":46139,"journal":{"name":"Journal of Intelligent Systems","volume":"30 1","pages":""},"PeriodicalIF":2.1000,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Deep learning in distributed denial-of-service attacks detection method for Internet of Things networks\",\"authors\":\"Firas Mohammed Aswad, Ali Ahmed, N. A. M. Alhammadi, Bashar Ahmad Khalaf, S. Mostafa\",\"doi\":\"10.1515/jisys-2022-0155\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Abstract With the rapid growth of informatics systems’ technology in this modern age, the Internet of Things (IoT) has become more valuable and vital to everyday life in many ways. IoT applications are now more popular than they used to be due to the availability of many gadgets that work as IoT enablers, including smartwatches, smartphones, security cameras, and smart sensors. However, the insecure nature of IoT devices has led to several difficulties, one of which is distributed denial-of-service (DDoS) attacks. IoT systems have several security limitations due to their disreputability characteristics, like dynamic communication between IoT devices. The dynamic communications resulted from the limited resources of these devices, such as their data storage and processing units. Recently, many attempts have been made to develop intelligent models to protect IoT networks against DDoS attacks. The main ongoing research issue is developing a model capable of protecting the network from DDoS attacks that is sensitive to various classes of DDoS and can recognize legitimate traffic to avoid false alarms. Subsequently, this study proposes combining three deep learning algorithms, namely recurrent neural network (RNN), long short-term memory (LSTM)-RNN, and convolutional neural network (CNN), to build a bidirectional CNN-BiLSTM DDoS detection model. The RNN, CNN, LSTM, and CNN-BiLSTM are implemented and tested to determine the most effective model against DDoS attacks that can accurately detect and distinguish DDoS from legitimate traffic. The intrusion detection evaluation dataset (CICIDS2017) is used to provide more realistic detection. The CICIDS2017 dataset includes benign and up-to-date examples of typical attacks, closely matching real-world data of Packet Capture. The four models are tested and assessed using Confusion Metrix against four commonly used criteria: accuracy, precision, recall, and F-measure. The performance of the models is quite effective as they obtain an accuracy rate of around 99.00%, except for the CNN model, which achieves an accuracy of 98.82%. The CNN-BiLSTM achieves the best accuracy of 99.76% and precision of 98.90%.\",\"PeriodicalId\":46139,\"journal\":{\"name\":\"Journal of Intelligent Systems\",\"volume\":\"30 1\",\"pages\":\"\"},\"PeriodicalIF\":2.1000,\"publicationDate\":\"2023-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Intelligent Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1515/jisys-2022-0155\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Intelligent Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1515/jisys-2022-0155","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}
Deep learning in distributed denial-of-service attacks detection method for Internet of Things networks
Abstract With the rapid growth of informatics systems’ technology in this modern age, the Internet of Things (IoT) has become more valuable and vital to everyday life in many ways. IoT applications are now more popular than they used to be due to the availability of many gadgets that work as IoT enablers, including smartwatches, smartphones, security cameras, and smart sensors. However, the insecure nature of IoT devices has led to several difficulties, one of which is distributed denial-of-service (DDoS) attacks. IoT systems have several security limitations due to their disreputability characteristics, like dynamic communication between IoT devices. The dynamic communications resulted from the limited resources of these devices, such as their data storage and processing units. Recently, many attempts have been made to develop intelligent models to protect IoT networks against DDoS attacks. The main ongoing research issue is developing a model capable of protecting the network from DDoS attacks that is sensitive to various classes of DDoS and can recognize legitimate traffic to avoid false alarms. Subsequently, this study proposes combining three deep learning algorithms, namely recurrent neural network (RNN), long short-term memory (LSTM)-RNN, and convolutional neural network (CNN), to build a bidirectional CNN-BiLSTM DDoS detection model. The RNN, CNN, LSTM, and CNN-BiLSTM are implemented and tested to determine the most effective model against DDoS attacks that can accurately detect and distinguish DDoS from legitimate traffic. The intrusion detection evaluation dataset (CICIDS2017) is used to provide more realistic detection. The CICIDS2017 dataset includes benign and up-to-date examples of typical attacks, closely matching real-world data of Packet Capture. The four models are tested and assessed using Confusion Metrix against four commonly used criteria: accuracy, precision, recall, and F-measure. The performance of the models is quite effective as they obtain an accuracy rate of around 99.00%, except for the CNN model, which achieves an accuracy of 98.82%. The CNN-BiLSTM achieves the best accuracy of 99.76% and precision of 98.90%.
期刊介绍:
The Journal of Intelligent Systems aims to provide research and review papers, as well as Brief Communications at an interdisciplinary level, with the field of intelligent systems providing the focal point. This field includes areas like artificial intelligence, models and computational theories of human cognition, perception and motivation; brain models, artificial neural nets and neural computing. It covers contributions from the social, human and computer sciences to the analysis and application of information technology.