DDOS ATTACK DETECTION USING HYBRID (CCN AND LSTM) ML MODEL
Keywords:DDoS, Cyber, attack, ML, SDN, LSTM, Python
LSTM (Long Short-Term Memory) and CNN (Convolutional Neural Networks) are two types of deep learning algorithms; by combining the strengths of LSTM and CNN, researchers have developed deep learning models that can effectively detect SDN (Software-Defined Network) attacks including Distributed Denial of Service. These models effectively analyze network traffic, encompassing temporal and spatial characteristics, resulting in precise identification of malicious traffic.In this research, a hybrid model composed of CNN and LSTM is used to detect the DDoS attack in SDN network. Where the CNN component of the model can identify spatial patterns in network traffic, such as the characteristics of individual packets, while the LSTM component can capture temporal patterns in traffic over time, such as the timing and frequency of traffic bursts. The proposed model has been trained on a labeled network traffic dataset, with one class representing normal traffic and another class representing DDoS attack traffic. During the training process, the model adjusts its weights and biases to minimize the difference between its predicted output and the actual output for each input sample. Once trained, the hybrid model classifies incoming network traffic in the dataset as either normal or malicious with an initial accuracy of (78.18%) and losses of (39.77%) at the 1st epoch till it reaches an accuracy of (99.99%) with losses of (9.29×10-5) at the epoch number 500. It should be mentioned that the hybrid model of CNN and LSTM for DDoS detection is implemented using Python Anaconda platform with an ETA 28ms/step.
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
IJCI applies the Creative Commons Attribution (CC BY) license to articles. The author of the submitted paper for publication by IJCI has the CC BY license. Under this Open Access license, the author give an agreement to any author to reuse the article in whole or part for any purpose, even for commercial purposes. Anyone may copy, distribute, or reuse the content as long as the author and original source are properly cited. This facility helps in re-use and ensures that journal content is available for the needs of research.
If the manuscript contains photos, images, figures, tables, audio files, videos, etc., that the author or the co-authors do not own, IJCI will require author to provide the journal with proof that the owner of that content has given the author written permission to use it, and the owner has approved that the CC BY license being applied to content. IJCI provides a form that author can use to ask for permission from the owner. If the author does not have owner permission, IJCI will ask author to remove that content and/or replace it with other content that the author own or have such permission to use.
Many authors assume that if they previously published a paper through another publisher, they have the rights to reuse that content in their PLOS paper, but that is not necessarily the case – it depends on the license that covers the other paper. Author must ascertain the rights he/she has of a specific license (a license that enables author to use the content). Author must obtain a written permission from the publisher to use the content in IJCI paper. Author should not include any content in her/his IJCI paper without having the rights to use, and always give proper attribution.
The accompanying submitted data should be stated with licensing policies, the policies should not be more restrictive than CC BY.
IJCI has the right to remove photos, captures, images, figures, tables, illustrations, audio and video files, from a paper before or after publication, if these contents were included in author paper without permission from the owner of the content.