IEEE Access (Jan 2024)

Open-Set Recognition in Unknown DDoS Attacks Detection With Reciprocal Points Learning

  • Chin-Shiuh Shieh
  • Fu-An Ho
  • Mong-Fong Horng
  • Thanh-Tuan Nguyen
  • Prasun Chakrabarti

DOI
https://doi.org/10.1109/ACCESS.2024.3388149
Journal volume & issue
Vol. 12
pp. 56461 – 56476

Abstract

The internet, a cornerstone of modern life, has profound implications across personal life, business, and society. However, its widespread use has posed challenges, especially concerning privacy and cybersecurity. Besides, the threats on the internet are increasing in terms of danger, intensity, and complexity. Distributed denial-of-service (DDoS) attacks have emerged as a common and dangerous cybersecurity threat capable of disabling the network systems of targeted organizations and services. Therefore, various security strategies, such as firewalls and intrusion detection systems (IDS), are employed to protect against DDoS attacks. Enhancing the defensive capabilities of IDS through machine learning (ML) and deep learning (DL) technologies is a significant trend nowadays. However, despite notable successes, detecting DDoS attacks using ML and DL technologies still faces challenges, especially with unknown DDoS attacks. In this research, the primary goal is to address the unknown DDoS detection problem through efficient and advanced techniques. Our proposed method, CNN-RPL, integrates a Convolutional Neural Network (CNN) with Reciprocal Points Learning (RPL), a novel Open-Set Recognition (OSR) technology. This model can effectively handle both known and unknown attacks. The CNN-RPL model demonstrates excellent results, achieving an accuracy exceeding 99.93% against known attacks in the CICIDS2017 dataset. Simultaneously, the model achieves a commendable average accuracy of up to 98.51% against unknown attacks in the CICDDoS2019 dataset. In particular, the CNN-RPL model simplifies the architecture of the deep neural network by significantly reducing the number of training parameters without compromising defense capabilities. Therefore, our proposed method is genuinely efficient, particularly flexible, and lightweight compared to traditional methods. This can equip organizations and businesses with a highly applicable yet powerful security approach against the evolving complexities in the network space.

Keywords