Detection of Distributed Denial of Service Attacks using Convolutional Neural Network.
DDoS attack detection, Convolutional neural network, Sampled network flow.
With the expansion of the Internet and the growing number of Internet of Things (IoT) devices, Denial of Service (DoS) attacks and their distributed variant, Distributed Denial of Service (DDoS) attacks, have become more widespread, making them a significant problem for the availability of services operating on the Internet. In recent years, the volume of research in academia and industry on detecting and mitigating these attacks has been growing, but no definitive solution has emerged yet. Machine learning techniques are widely used to detect and mitigate these attacks. Although effective, the proposed techniques have a high computational cost, which may make them infeasible in network scenarios with intense data flows because of the time constraints imposed by real-time processing of the data flow. Inspired by these works in the literature, but seeking to reduce computational complexity, this work proposes the use of a low-complexity convolutional neural network to detect DDoS attacks. The complexity reduction of the proposed convolutional network comes from using descriptors obtained from a set of metrics calculated on header data from sampled network traffic. The developed method has a high success rate, a low false positive rate, and relative simplicity of implementation, making it suitable for detecting DDoS attacks in high-throughput network scenarios.