Deep learning in distributed denial-of-service attacks detection method for Internet of Things networks

Aswad Firas Mohammed; Ahmed Ali Mohammed Saleh; Alhammadi Nafea Ali Majeed; Khalaf Bashar Ahmad; Mostafa Salama A.

doi:10.1515/jisys-2022-0155

Journal of Intelligent Systems (Jan 2023)

Deep learning in distributed denial-of-service attacks detection method for Internet of Things networks

Aswad Firas Mohammed,
Ahmed Ali Mohammed Saleh,
Alhammadi Nafea Ali Majeed,
Khalaf Bashar Ahmad,
Mostafa Salama A.

Affiliations

Aswad Firas Mohammed: Computer Department, College of Basic Education, University of Diyala, 32001, Diyala, Iraq
Ahmed Ali Mohammed Saleh: College of Education for Pure Sciences, University of Diyala, 32001, Diyala, Iraq
Alhammadi Nafea Ali Majeed: Department of Computer Sciences, Shatt Al-Arab University College, 61002, Basra, Iraq
Khalaf Bashar Ahmad: Department of Medical Instruments Engineering Techniques, Bilad Alrafidain University College, 32001, Diyala, Iraq
Mostafa Salama A.: Department of Software Engineering, Faculty of Computer Science and Information Technology, Universiti Tun Hussein Onn Malaysia, Batu Pahat, 86400, Johor, Malaysia

DOI: https://doi.org/10.1515/jisys-2022-0155
Journal volume & issue: Vol. 32, no. 1
pp. 7 – 13

Abstract

Read online

With the rapid growth of informatics systems’ technology in this modern age, the Internet of Things (IoT) has become more valuable and vital to everyday life in many ways. IoT applications are now more popular than they used to be due to the availability of many gadgets that work as IoT enablers, including smartwatches, smartphones, security cameras, and smart sensors. However, the insecure nature of IoT devices has led to several difficulties, one of which is distributed denial-of-service (DDoS) attacks. IoT systems have several security limitations due to their disreputability characteristics, like dynamic communication between IoT devices. The dynamic communications resulted from the limited resources of these devices, such as their data storage and processing units. Recently, many attempts have been made to develop intelligent models to protect IoT networks against DDoS attacks. The main ongoing research issue is developing a model capable of protecting the network from DDoS attacks that is sensitive to various classes of DDoS and can recognize legitimate traffic to avoid false alarms. Subsequently, this study proposes combining three deep learning algorithms, namely recurrent neural network (RNN), long short-term memory (LSTM)-RNN, and convolutional neural network (CNN), to build a bidirectional CNN-BiLSTM DDoS detection model. The RNN, CNN, LSTM, and CNN-BiLSTM are implemented and tested to determine the most effective model against DDoS attacks that can accurately detect and distinguish DDoS from legitimate traffic. The intrusion detection evaluation dataset (CICIDS2017) is used to provide more realistic detection. The CICIDS2017 dataset includes benign and up-to-date examples of typical attacks, closely matching real-world data of Packet Capture. The four models are tested and assessed using Confusion Metrix against four commonly used criteria: accuracy, precision, recall, and F-measure. The performance of the models is quite effective as they obtain an accuracy rate of around 99.00%, except for the CNN model, which achieves an accuracy of 98.82%. The CNN-BiLSTM achieves the best accuracy of 99.76% and precision of 98.90%.

Published in Journal of Intelligent Systems

ISSN: 0334-1860 (Print); 2191-026X (Online)
Publisher: De Gruyter
Country of publisher: Poland
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: https://www.degruyter.com/view/journals/jisys/jisys-overview.xml

About the journal

Abstract

Keywords