Have a personal or library account? Click to login
Advancing DDoS attack detection with hybrid deep learning: integrating convolutional neural networks, PCA, and vision transformers Cover

Advancing DDoS attack detection with hybrid deep learning: integrating convolutional neural networks, PCA, and vision transformers

International Journal on Smart Sensing and Intelligent Systems
Volume 17 (2024): Issue 1 (January 2024)
By: Jahangir Shaikh,  Toqeer Ali Syed,  Syed Aziz Shah,  Salman Jan,  Qurat Ul Ain and  Pradeep Kumar Singh  
Open Access
|Dec 2024

Figures & Tables

Figure 1:

Overview of the AI ecosystem highlighting the roles and interconnections between ML, DL, and LLM. AI, artificial intelligence; CNNs, convolutional neural network; DL, deep learning; LLM, large language models; ML, machine learning.
Overview of the AI ecosystem highlighting the roles and interconnections between ML, DL, and LLM. AI, artificial intelligence; CNNs, convolutional neural network; DL, deep learning; LLM, large language models; ML, machine learning.

Figure 2:

Network diagram depicting components involved in DDoS defense, including internet access points, firewalls, switches, IDS, and end-user devices. DDoS, distributed denial of service; IDS, intrusion detection systems.
Network diagram depicting components involved in DDoS defense, including internet access points, firewalls, switches, IDS, and end-user devices. DDoS, distributed denial of service; IDS, intrusion detection systems.

Figure 3:

Architectural overview of an IDS, detailing its core components, detection methodologies, data integration points, and response mechanisms. IDS, intrusion detection systems.
Architectural overview of an IDS, detailing its core components, detection methodologies, data integration points, and response mechanisms. IDS, intrusion detection systems.

Figure 4:

CNN. CNN, convolutional neural network.
CNN. CNN, convolutional neural network.

Figure 5:

Proposed architecture processing network traffic data through CNN for DDoS attack detection, incorporating PCA and SMOTE for data preparation. CNN, convolutional neural network; DDoS, distributed denial of service; PCA, principal component analysis; SMOTE, Synthetic Minority Oversampling Technique.
Proposed architecture processing network traffic data through CNN for DDoS attack detection, incorporating PCA and SMOTE for data preparation. CNN, convolutional neural network; DDoS, distributed denial of service; PCA, principal component analysis; SMOTE, Synthetic Minority Oversampling Technique.

Figure 6:

Proposed architecture diagram illustrating the dual-path approach for DDoS attack detection, featuring both CNN and ViT layers. CNN, convolutional neural network; DDoS, distributed denial of service; ViT, vision transformers.
Proposed architecture diagram illustrating the dual-path approach for DDoS attack detection, featuring both CNN and ViT layers. CNN, convolutional neural network; DDoS, distributed denial of service; ViT, vision transformers.

Figure 7:

Performance and efficiency of CNN models: This graph shows key performance metrics—Test Accuracy, Training Accuracy, Precision, Recall, and F1 Score—across three CNN configurations (CNN-30, CNN-20, CNN-10). It also illustrates the reduction in training time for each model, emphasizing the balance between model accuracy and computational efficiency. CNN, convolutional neural networks.
Performance and efficiency of CNN models: This graph shows key performance metrics—Test Accuracy, Training Accuracy, Precision, Recall, and F1 Score—across three CNN configurations (CNN-30, CNN-20, CNN-10). It also illustrates the reduction in training time for each model, emphasizing the balance between model accuracy and computational efficiency. CNN, convolutional neural networks.

Figure 8:

Confusion matrix. DDoS, distributed denial of service.
Confusion matrix. DDoS, distributed denial of service.

CCICDDoS2019 dataset

TypeRecords
Benign56,863
LDAP2,179,930
TFTP20,082,580
DNS5,071,011
NetBIOS4,093,279
MSSQL4,522,492
SSDP2,610,611
NTP1,202,642
SNMP5,159,870
UDP3,134,645
SYN1,582,289
UDP-Lag366,461
WebDDoS439
Total50,063,112

Confusion matrix

Actual positiveActual negative
Positive predictTPFP
Negative predictFNTN
DOI: https://doi.org/10.2478/ijssis-2024-0040 | Journal eISSN: 1178-5608
Journal RSS Feed
Language: English
Submitted on: Jun 12, 2024
Published on: Dec 17, 2024
Published by: Professor Subhas Chandra Mukhopadhyay
In partnership with: Paradigm Publishing Services
Publication frequency: 1 issue per year
Keywords:
DDOS,
Hybrid Deep Learning,
CNN,
Visions Transformer
Related subjects:
Engineering,
Introductions and overviews,
Engineering, other

© 2024 Jahangir Shaikh, Toqeer Ali Syed, Syed Aziz Shah, Salman Jan, Qurat Ul Ain, Pradeep Kumar Singh, published by Professor Subhas Chandra Mukhopadhyay
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License.

Previous articleVolume 17 (2024): Issue 1 (January 2024)Next article