Deep learning in distributed denial-ofservice attacks detection method for Internet of Things networks

Mohammed Aswad, Firas and Ahmed, Ali Mohammed Saleh and Ali Majeed Alhammadi, Nafea and Bashar Ahmad Khalaf, Bashar Ahmad Khalaf and Salama A. Mostafa, Salama A. Mostafa (2023) Deep learning in distributed denial-ofservice attacks detection method for Internet of Things networks. Journal of Intelligent Systems. pp. 1-13.

[img] Text
Restricted to Registered users only

Download (2MB) | Request a copy


With the rapid growth of informatics systems’ technology in this modern age, the Internet of Things (IoT) has become more valuable and vital to everyday life in many ways. IoT applications are now more popular than they used to be due to the availability of many gadgets that work as IoT enablers, including smartwatches, smartphones, security cameras, and smart sensors. However, the insecure nature of IoT devices has led to several difficulties, one of which is distributed denial-of-service (DDoS) attacks. IoT systems have several security limitations due to their disreputability characteristics, like dynamic communication between IoT devices. The dynamic communications resulted from the limited resources of these devices, such as their data storage and processing units. Recently, many attempts have been made to develop intelligent models to protect IoT networks against DDoS attacks. The main ongoing research issue is developing a model capable of protecting the network from DDoS attacks that is sensitive to various classes of DDoS and can recognize legitimate traffic to avoid false alarms. Subsequently, this study proposes combining three deep learning algorithms, namely recurrent neural network (RNN), long short-term memory (LSTM)-RNN, and convolutional neural network (CNN), to build a bidirectional CNN-BiLSTM DDoS detection model. The RNN, CNN, LSTM, and CNN-BiLSTM are implemented and tested to determine the most effective model against DDoS attacks that can accurately detect and distinguish DDoS from legitimate traffic. The intrusion detection evaluation dataset (CICIDS2017) is used to provide more realistic detection. The CICIDS2017 dataset includes benign and up-to-date examples of typical attacks, closely matching real-world data of Packet Capture. The four models are tested and assessed using Confusion Metrix against four commonly used criteria: accuracy, precision, recall, and F-measure. The performance of the models is quite effective as they obtain an accuracy rate of around 99.00%, except for the CNN model, which achieves an accuracy of 98.82%. The CNN-BiLSTM achieves the best accuracy of 99.76% and precision of 98.90%.

Item Type: Article
Uncontrolled Keywords: distributed denial-of-service attacks, Internet of Things, deep learning, classification, CNN, BiLSTM, RNN, LSTM.
Subjects: T Technology > T Technology (General)
Divisions: Faculty of Computer Science and Information Technology > Department of Multimedia
Depositing User: Mr. Mohamad Zulkhibri Rahmad
Date Deposited: 21 Nov 2023 01:47
Last Modified: 21 Nov 2023 01:47

Actions (login required)

View Item View Item