A Multi-Classifier for DDoS Attacks Using Stacking Ensemble Deep Neural Network

Abstract

DDoS (Distributed Denial of Service) attacks have emerged as a serious menace to the security and integrity of data and information systems. The primary aim of this attack is to take down the targeted system and prevent legitimate users from accessing its services. Identifying a DDoS attack is a challenging task, and it must be performed before initiating any countermeasure. DDoS attack detection has been effectively applied in many studies using Machine Learning (ML) and Deep Learning (DL). However, many existing models are unable to recognize the distinct and dynamic behavior of DDoS attacks because they employ datasets that were produced a long time ago and lack up-to-date attack scenarios, do not include packet-based bi-directional traffic flow, and do not contain complete network traffic. In addition, most studies carried out binary classification, however, there are many types of DDoS attacks, each with its unique characteristics. Classifying DDoS attacks can be useful when thwarting the attack and taking preventive measures. This paper presents a multi-classifier model using stacking ensemble deep neural networks that identify several types of DDoS attacks to address the issues mentioned above. Our proposed hybrid model incorporates Convolution Neural Network (CNN), Long Short Term Memory (LSTM), and Gated Recurrent Unit (GRU), and we show that while evaluating models with large datasets such as CIC-DDoS2019, ensemble technique increases model performance. According to experimental results, our proposed model can reach an accuracy of 89.4%, which outperforms other similar methods.