Application of Large Language Models to DDoS Attack Detection

  • Conference paper
Security and Privacy in Cyber-Physical Systems and Smart Vehicles (SmartSP 2023)

Abstract

Network security remains a pressing concern in the digital era, with the rapid advancement of technology opening up new avenues for cyber threats. One emergent solution lies in the application of large language models (LLMs), like OpenAI’s ChatGPT, which harness the power of artificial intelligence for enhanced security measures. As connected devices and systems proliferate, the potential for Distributed Denial of Service (DDoS) attacks, a prime example of network security threats, grows as well. This paper explores the potential of LLMs in bolstering network security, specifically in detecting DDoS attacks, and investigates the aptitude of LLMs such as OpenAI’s ChatGPT variants (GPT-3.5, GPT-4, and Ada) in enhancing DDoS detection capabilities. We contrasted the efficacy of LLMs against traditional neural networks using two datasets: CICIDS 2017 and the more intricate Urban IoT Dataset. Our findings indicate that LLMs, when applied in a few-shot learning context or through fine-tuning, can not only detect potential DDoS threats with significant accuracy but also elucidate their reasoning. Specifically, fine-tuning achieved an accuracy of approximately 95% on the CICIDS 2017 dataset and close to 96% on the Urban IoT Dataset for aggressive DDoS attacks. These results surpass those of a multi-layer perceptron (MLP) trained with analogous data.

Acknowledgments

This material is based upon work partially supported by Defense Advanced Research Projects Agency (DARPA) under Contract Number HR001120C0160 for the Open, Programmable, Secure 5G (OPS-5G) program. Any views, opinions, and/or findings expressed are those of the author(s) and should not be interpreted as representing the official views or policies of the Department of Defense or the U.S. Government. This document has been edited with the assistance of ChatGPT. We certify that ChatGPT was not utilized to produce any technical content and we accept full responsibility for the contents of the paper.

Author information

Corresponding author

Correspondence to Michael Guastalla.

Copyright information

© 2024 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Guastalla, M., Li, Y., Hekmati, A., Krishnamachari, B. (2024). Application of Large Language Models to DDoS Attack Detection. In: Chen, Y., Lin, CW., Chen, B., Zhu, Q. (eds) Security and Privacy in Cyber-Physical Systems and Smart Vehicles. SmartSP 2023. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 552. Springer, Cham. https://doi.org/10.1007/978-3-031-51630-6_6

  • DOI: https://doi.org/10.1007/978-3-031-51630-6_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-51629-0

  • Online ISBN: 978-3-031-51630-6

  • eBook Packages: Computer Science, Computer Science (R0)
