Next Article in Journal
Increasing the Effectiveness of Network Intrusion Detection Systems (NIDSs) by Using Multiplex Networks and Visibility Graphs
Next Article in Special Issue
Dynamic Extraction of Initial Behavior for Evasive Malware Detection
Previous Article in Journal
Analysis and Forecasting of Sales Funnels
Previous Article in Special Issue
Design and Evaluation of Unsupervised Machine Learning Models for Anomaly Detection in Streaming Cybersecurity Logs
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Mathematics
Volume 11
Issue 1
10.3390/math11010108
mathematics-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Detection of Unknown DDoS Attack Using Reconstruct Error and One-Class SVM Featuring Stochastic Gradient Descent

by
Chin-Shiuh Shieh
1,
Thanh-Tuan Nguyen
1,2,*,
Chun-Yueh Chen
1 and
Mong-Fong Horng
1,3
1
Department of Electronic Engineering, National Kaohsiung University of Science and Technology, Kaohsiung 807618, Taiwan
2
Department of Electronic and Automation Engineering, Nha Trang University, Nha Trang 650000, Vietnam
3
Ph.D. Program in Biomedical Engineering, Kaohsiung Medial University, Kaohsiung 807378, Taiwan
*
Author to whom correspondence should be addressed.
Mathematics 2023, 11(1), 108; https://doi.org/10.3390/math11010108
Submission received: 10 November 2022 / Revised: 18 December 2022 / Accepted: 20 December 2022 / Published: 26 December 2022
(This article belongs to the Special Issue Models and Algorithms in Cybersecurity)
Browse Figures
Versions Notes

Abstract

The network system has become an indispensable component of modern infrastructure. DDoS attacks and their variants remain a potential and persistent cybersecurity threat. DDoS attacks block services to legitimate users by incorporating large amounts of malicious traffic in a short period or depleting system resources through methods specific to each client, causing the victim to lose reputation, finances, and potential customers. With the advancement and maturation of artificial intelligence technology, machine learning and deep learning are widely used to detect DDoS attacks with significant success. However, traditional supervised machine learning must depend on the categorized training sets, so the recognition rate plummets when the model encounters patterns outside the dataset. In addition, DDoS attack techniques continue to evolve, rendering training based on conventional data models unable to meet contemporary requirements. Since closed-set classifiers have excellent performance in cybersecurity and are quite mature, this study will investigate the identification of open-set recognition issues where the attack pattern does not accommodate the distribution learned by the model. This research proposes a framework that uses reconstruction error and distributes hidden layer characteristics to detect unknown DDoS attacks. This study will employ deep hierarchical reconstruction nets (DHRNet) architecture and reimplement it with a 1D integrated neural network employing loss function combined with spatial location constraint prototype loss (SLCPL) as a solution for open-set risks. At the output, a one-class SVM (one-class support vector machine) based on a random gradient descent approximation is used to recognize the unknown patterns in the subsequent stage. The model achieves an impressive detection rate of more than 99% in testing. Furthermore, the incremental learning module utilizing unknown traffic labeled by telecom technicians during tracking has enhanced the model’s performance by 99.8% against unknown threats based on the CICIDS2017 Friday open dataset.
Keywords: distributed denial of service (DDoS); deep learning; open-set recognition (OSR); one-class support vector machine; reconstruct error; incremental learning distributed denial of service (DDoS); deep learning; open-set recognition (OSR); one-class support vector machine; reconstruct error; incremental learning

Share and Cite

MDPI and ACS Style

Shieh, C.-S.; Nguyen, T.-T.; Chen, C.-Y.; Horng, M.-F. Detection of Unknown DDoS Attack Using Reconstruct Error and One-Class SVM Featuring Stochastic Gradient Descent. Mathematics 2023, 11, 108. https://doi.org/10.3390/math11010108

AMA Style

Shieh C-S, Nguyen T-T, Chen C-Y, Horng M-F. Detection of Unknown DDoS Attack Using Reconstruct Error and One-Class SVM Featuring Stochastic Gradient Descent. Mathematics. 2023; 11(1):108. https://doi.org/10.3390/math11010108

Chicago/Turabian Style

Shieh, Chin-Shiuh, Thanh-Tuan Nguyen, Chun-Yueh Chen, and Mong-Fong Horng. 2023. "Detection of Unknown DDoS Attack Using Reconstruct Error and One-Class SVM Featuring Stochastic Gradient Descent" Mathematics 11, no. 1: 108. https://doi.org/10.3390/math11010108

APA Style

Shieh, C.-S., Nguyen, T.-T., Chen, C.-Y., & Horng, M.-F. (2023). Detection of Unknown DDoS Attack Using Reconstruct Error and One-Class SVM Featuring Stochastic Gradient Descent. Mathematics, 11(1), 108. https://doi.org/10.3390/math11010108

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop