Abstract

Distributed denial of service (DDoS) attacks are one of the serious threats in the domain of cybersecurity, affecting the availability of online services by disrupting access for their legitimate users. The consequences of such attacks can be worth millions of dollars, since all online services rely on high availability. The magnitude of DDoS attacks is ever increasing, as attackers are smart enough to innovate their attack strategies to expose vulnerabilities in intrusion detection models or mitigation mechanisms. The history of DDoS attacks shows that the network and transport layers of the OSI model were the attackers' initial targets, but recent history in the cybersecurity domain shows that the attacking momentum has shifted toward the application layer of the OSI model, where it is highly difficult to distinguish attack traffic from benign traffic, which makes combating application-layer DDoS attacks a sophisticated task. Striving for high accuracy with high DDoS classification recall is key for any DDoS detection mechanism to maintain the reliability and trustworthiness of such a system. In this paper, a deep learning approach for application-layer DDoS detection is proposed, using an autoencoder to perform feature selection and deep neural networks to perform attack classification. A popular benchmark dataset, CIC DoS 2017, is selected, and the most appealing features are extracted from the packet flows. The proposed model achieved an accuracy of 99.83% with a detection rate of 99.84% while maintaining a false-negative rate of 0.17%, which is the highest accuracy rate among the literature reviewed so far.

Highlights

  • The Distributed Denial of Service (DDoS) attacks are a type of DoS attack carried out by multiple infected series of IP addresses that can span massive geographical locations

  • The application-layer DDoS detection model proposed by this study is based on deep learning techniques, utilizing the capabilities of an autoencoder and a deep neural network

  • As per the latest findings, Asad et al. (2020) proposed a model to detect application-layer DDoS attacks, based on a seven-layer deep neural network with feed-forward and backpropagation


Summary

Introduction

The Distributed Denial of Service (DDoS) attacks are a type of DoS attack carried out by multiple infected series of IP addresses that can span massive geographical locations. The reflection type of DDoS keeps the identity of the attacker hidden by utilizing a legitimate third party to carry out the attack. Exploitation DDoS attacks are very similar to reflection attacks in that the identity of the attacker remains hidden. These types of attacks utilize both TCP and UDP to carry out an attack. Infrastructure approaches such as firewalls and load balancers have been used to mitigate DDoS attacks, but have their own limitations. Both firewalls and load balancers are stateful inline solution devices that are vulnerable to state-exhausting attacks. The application-layer DDoS detection model proposed by this study is based on deep learning techniques, utilizing the capabilities of an autoencoder and a deep neural network.

Deep learning
Autoencoder
State of the art
Overview of the solution
Attribute extraction–PCAP extractor model
Autoencoder model
Detection model
Experiment environment
Performance metrics
Experiment analysis
Evaluation with MazeBolt PCAP files
Comparison evaluation
Conclusion and Future work