Firas Mohammed Aswad, Firas Mohammed Aswad and Ali Mohammed Saleh Ahmed, Ali Mohammed Saleh Ahmed and Nafea Ali Majeed Alhammadi, Nafea Ali Majeed Alhammadi and Bashar Ahmad Khalaf, Bashar Ahmad Khalaf and Salama A. Mostafa, Salama A. Mostafa (2023) Deep learning in distributed denial-ofservice attacks detection method for Internet of Things networks. Journal of Intelligent Systems, 32. pp. 1-13.
Text
J15750_9d9880322873c2021c6ffa0622006ab4.pdf Restricted to Registered users only Download (2MB) | Request a copy |
Abstract
With the rapid growth of informatics systems’ technology in this modern age, the Internet of Things (IoT) has become more valuable and vital to everyday life in many ways. IoT applications are now more popular than they used to be due to the availability of many gadgets that work as IoT enablers, including smartwatches, smartphones, security cameras, and smart sensors. However, the insecure nature of IoT devices has led to several difficulties, one of which is distributed denial-of-service (DDoS) attacks. IoT systems have several security limitations due to their disreputability characteristics, like dynamic communication between IoT devices. The dynamic communications resulted from the limited resources of these devices, such as their data storage and processing units. Recently, many attempts have been made to develop intelligent models to protect IoT networks against DDoS attacks. The main ongoing research issue is developing a model capable of protecting the network from DDoS attacks that is sensitive to various classes of DDoS and can recognize legitimate traffic to avoid false alarms. Subsequently, this study proposes combining three deep learning algorithms, namely recurrent neural network (RNN), long short-term memory (LSTM)-RNN, and convolutional neural network (CNN), to build a bidirectional CNN-BiLSTM DDoS detection model. The RNN, CNN, LSTM, and CNN-BiLSTM are implemented and tested to determine the most effective model against DDoS attacks that can accurately detect and distinguish DDoS from legitimate traffic. The intrusion detection evaluation dataset (CICIDS2017) is used to provide more realistic detection. The CICIDS2017 dataset includes benign and up-to-date examples of typical attacks, closely matching real-world data of Packet Capture. The four models are tested and assessed using Confusion Metrix against four commonly used criteria: accuracy, precision, recall, and F-measure. The performance of the models is quite effective as they obtain an accuracy rate of around 99.00%, except for the CNN model, which achieves an accuracy of 98.82%. The CNN-BiLSTM achieves the best accuracy of 99.76% and precision of 98.90%.
Item Type: | Article |
---|---|
Uncontrolled Keywords: | distributed denial-of-service attacks, Internet of Things, deep learning, classification, CNN, BiLSTM, RNN, LSTM. |
Subjects: | T Technology > T Technology (General) |
Divisions: | Faculty of Computer Science and Information Technology > FSKTM |
Depositing User: | Mr. Mohamad Zulkhibri Rahmad |
Date Deposited: | 15 Jan 2024 07:31 |
Last Modified: | 15 Jan 2024 07:31 |
URI: | http://eprints.uthm.edu.my/id/eprint/10642 |
Actions (login required)
View Item |