Today's networks and services undoubtedly require a high level of protection from cyber threats and attacks. State-of-the-art solutions that implement Machine Learning (ML) have shown to improve the accuracy and confidence in threat detection compared to previous approaches, making it suitable for detecting today's sophisticated attacks such as Distributed Denial of Service (DDoS). However, in real-world deployments, input data streams take large bandwidth and processing capacity, especially for Deep Learning (DL) solutions that require extensive input data. On the other hand, deployment environments usually have limited bandwidth and computing resources, such as in the Internet of Things (IoT). Thus, a lightweight detection solution that satisfies such constraints is needed. In this paper, we utilize a feature reduction approach for our DL-based DDoS detector based on the Analysis of Variance (ANOVA), which is used to identify important data features and reduce the data inputs needed for detection. Our result shows that we can reduce the data input needed by up to 84.21% while only reducing 0.1% detection accuracy. We also provide a detailed analysis of the characteristics of DDoS attacks using ANOVA and compared our work with recent DL-based DDoS detection systems to demonstrate that our results are comparable to existing approaches.

Feature Selection Evaluation towards a Lightweight Deep Learning DDoS Detector

Sanchez O. R.;Carrega A.;Bolla R.;Pajo J. F.
2021-01-01

Abstract

Today's networks and services undoubtedly require a high level of protection from cyber threats and attacks. State-of-the-art solutions that implement Machine Learning (ML) have shown to improve the accuracy and confidence in threat detection compared to previous approaches, making it suitable for detecting today's sophisticated attacks such as Distributed Denial of Service (DDoS). However, in real-world deployments, input data streams take large bandwidth and processing capacity, especially for Deep Learning (DL) solutions that require extensive input data. On the other hand, deployment environments usually have limited bandwidth and computing resources, such as in the Internet of Things (IoT). Thus, a lightweight detection solution that satisfies such constraints is needed. In this paper, we utilize a feature reduction approach for our DL-based DDoS detector based on the Analysis of Variance (ANOVA), which is used to identify important data features and reduce the data inputs needed for detection. Our result shows that we can reduce the data input needed by up to 84.21% while only reducing 0.1% detection accuracy. We also provide a detailed analysis of the characteristics of DDoS attacks using ANOVA and compared our work with recent DL-based DDoS detection systems to demonstrate that our results are comparable to existing approaches.
2021
978-1-7281-7122-7
File in questo prodotto:
File Dimensione Formato  
Feature_Selection_Evaluation_towards_a_Lightweight_Deep_Learning_DDoS_Detector.pdf

accesso aperto

Descrizione: Contributo in atti di convegno
Tipologia: Documento in Post-print
Dimensione 4.51 MB
Formato Adobe PDF
4.51 MB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11567/1090564
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 18
  • ???jsp.display-item.citation.isi??? 9
social impact