Skip to main content
SpringerLink
Log in

Distributed Denial of Service Attack Detection Using Sequence-To-Sequence LSTM

  • Conference paper
  • First Online:
Global Economic Revolutions: Big Data Governance and Business Analytics for Sustainability (ICGER 2023)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1999))

Included in the following conference series:

  • 88 Accesses

Abstract

Log files are a great way to find out what's wrong with a system and how secure it is. They can be very large and have a complicated structure, which is why they are so useful. We use Machine Learning (ML) to find network anomalies and build different models that are driven by data to find DDoS attacks. The main goal of this article is to reduce the number of times that DDoS detection is wrongly labeled. In this paper, we describe a method for security analysis that uses Deep Learning techniques like simple LSTM, LSTM with embedding, and Seq-to-Seq LSTM on several systems log files to find and extract data that may be related to distributed denial of service (DDoS) attacks made by malicious users who want to break into a system. Through a process of learning, these data will help to find attacks, predict attacks, or find intrusions. In this study, we looked at how different optimizers, the size of the hidden state, and the number of layers affected the same architecture to find the best way to set it up. When compared to other models, the proposed model was able to correctly identify DoS/DDoS packets that had never been seen before with a 98.95% level of accuracy.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. AImajali, M.H., Ghazwi, M., Alqudah, F.T., ALmahasnah, M.J., Alajarmeh, H.H., Masarweh, A.A.: The legal aspects and the enhanced role of cybersecurity in protecting the electronic voting process in the context of Jordan Parliament election law no. (4) of 2022. Inf. Sci. Lett. 12(8), 2839–2848 (2023)

    Google Scholar 

  2. Yihunie, F., Abdelfattah, E., Odeh, A.: Analysis of ping of death DoS and DDoS attacks. In: 2018 IEEE Long Island Systems, Applications and Technology Conference, LISAT 2018 (2018). https://doi.org/10.1109/LISAT.2018.8378010

  3. Eliyan, L.F., Di Pietro, R.: DoS and DDoS attacks in software defined networks: a survey of existing solutions and research challenges. Future Gener. Comput. Syst. 122, 149–171 (2021). https://doi.org/10.1016/j.future.2021.03.011

    Article  Google Scholar 

  4. Zebari, R.R., Zeebaree, S.R.M., Jacksi, K.: Impact ANALYSIS of HTTP and SYN flood DDoS attacks on apache 2 and IIS 10.0 web servers. In: ICOASE 2018 - International Conference on Advanced Science and Engineering (2018). https://doi.org/10.1109/ICOASE.2018.8548783

  5. Haider, S., et al.: A deep CNN ensemble framework for efficient DDoS attack detection in software defined networks. IEEE Access 8, 53972–53983 (2020). https://doi.org/10.1109/ACCESS.2020.2976908

    Article  Google Scholar 

  6. Elbarougy, R., Aboghrara, E., Behery, G.M., Younes, Y.M., El-Badry, N.M.: COVID-19 detection on chest x-ray images by combining histogram-oriented gradient and convolutional neural network features. Inf. Sci. Lett. 12(5), 2247–2260 (2023)

    Article  Google Scholar 

  7. Cheng, J., Liu, Y., Tang, X., Sheng, V.S., Li, M., Li, J.: DDoS attack detection via multi-scale convolutional neural network. Comput. Mater. Continua 62(3), 1317–1333 (2020). https://doi.org/10.32604/cmc.2020.06177

    Article  Google Scholar 

  8. Wani, A.R., Rana, Q.P., Saxena, U., Pandey, N.: Analysis and detection of DDoS attacks on cloud computing environment using machine learning techniques. In: Proceedings - 2019 Amity International Conference on Artificial Intelligence, AICAI 2019 (2019). https://doi.org/10.1109/AICAI.2019.8701238

  9. Saied, A., Overill, R.E., Radzik, T.: Detection of known and unknown DDoS attacks using Artificial Neural Networks. Neurocomputing 172, 385–393 (2016). https://doi.org/10.1016/j.neucom.2015.04.101

    Article  Google Scholar 

  10. Peraković, D., Periša, M., Cvitić, I., Husnjak, S.: Model for detection and classification of DDoS traffic based on artificial neural network. Telfor J. 9(1), 26–31 (2017). https://doi.org/10.5937/telfor1701026P

    Article  Google Scholar 

  11. Dar, S.A., Palanivel, S., Geetha, M.K., Balasubramanian, M.: Mouth image based person authentication using DWLSTM and GRU. Inf. Sci. Lett. 11(3), 853–862 (2022)

    Article  Google Scholar 

  12. Hussein, S., et al.: Diagnosis of COVID-19 from X-rays using recurrent neural network. Inf. Sci. Lett. 11(6), 2279–2284 (2022)

    Article  Google Scholar 

  13. Yuan, X., Li, C., Li, X.: DeepDefense: identifying DDoS attack via deep learning. In: 2017 IEEE International Conference on Smart Computing, SMARTCOMP 2017 (2017). https://doi.org/10.1109/SMARTCOMP.2017.7946998

  14. Eltahir, M.E., Ahmed, O.S.: Cybersecurity awareness in African higher education institutions: a case study of Sudan. Inf. Sci. Lett. 12(1), 171–183 (2023)

    Article  Google Scholar 

  15. Alghenaim, M.F., Abu-Bakar, N.A., Abdul-Rahim, F.B.: Reviewing cybersecurity awareness training tools used to address phishing attack at the workplace. Inf. Sci. Lett. 11(2), 391–398 (2022)

    Article  Google Scholar 

  16. Wang, H., Xu, L., Gu, G.: FloodGuard: a DoS attack prevention extension in software-defined networks. In: Proceedings of the International Conference on Dependable Systems and Networks, vol. 2015-September (2015). https://doi.org/10.1109/DSN.2015.27

  17. Singh, S., Khan, R.A., Agrawal, A.: Prevention mechanism for infrastructure based Denial-of-Service attack over software Defined Network. In: International Conference on Computing, Communication and Automation, ICCCA 2015 (2015). https://doi.org/10.1109/CCAA.2015.7148442

  18. Al-Sherideh, A.S., et al.: Development of a secure model for mobile government applications in Jordan. J. Stat. Appl. Pro. 13(1), 145–155 (2024)

    Article  Google Scholar 

  19. Abuasal, S., Alsarayra, K., Alyabroodie, Z.: Designing a standard-based approach for security of healthcare systems. J. Stat. Appl. Pro. 13(1), 419–434 (2024)

    Article  Google Scholar 

  20. Bedi, H., Roy, S., Shiva, S.: Mitigating congestion-based denial of service attacks with active queue management. In: GLOBECOM - IEEE Global Telecommunications Conference (2013). https://doi.org/10.1109/GLOCOM.2013.6831276

  21. Giotis, K., Androulidakis, G., Maglaris, V.: A scalable anomaly detection and mitigation architecture for legacy networks via an OpenFlow middlebox. Secur. Commun. Netw. 9(13), 1958–1970 (2016). https://doi.org/10.1002/sec.1368

    Article  Google Scholar 

  22. Yevsieieva, O., Helalat, S.M.: Analysis of the impact of the slow HTTP DOS and DDOS attacks on the cloud environment. In: 2017 4th International Scientific-Practical Conference Problems of Infocommunications Science and Technology, PIC S and T 2017 - Proceedings, vol. 2018-January (2017). https://doi.org/10.1109/INFOCOMMST.2017.8246453

  23. Mahadev, Kumar, V., Kumar, K.: Classification of DDoS attack tools and its handling techniques and strategy at application layer. In: Proceedings - 2016 International Conference on Advances in Computing, Communication and Automation (Fall), ICACCA 2016 (2016). https://doi.org/10.1109/ICACCAF.2016.7749002

  24. Ivanova, V., Tashev, T., Draganov, I.: Detection of IoT based DDoS attacks by network traffic analysis using feedforward neural networks. Int. J. Circuits Syst. Signal Process. 16, 653–662 (2022). https://doi.org/10.46300/9106.2022.16.81

    Article  Google Scholar 

  25. Lamkuche, H.S., Pramod, D., Onker, V., Katiya, S.A., Lamkuche, G.S., Hiremath, G.R.: SAL – a lightweight symmetric cipher for Internet-of-Things. Int. J. Innov. Technol. Explor. Eng. 8(11), 521–528 (2019). https://doi.org/10.35940/ijitee.K1088.09811S19

  26. Bhardwaj, A., Mangat, V., Vig, R.: Hyperband tuned deep neural network with well posed stacked sparse autoencoder for detection of ddos attacks in cloud. IEEE Access 8, 181916–181929 (2020). https://doi.org/10.1109/ACCESS.2020.3028690

    Article  Google Scholar 

  27. Lamkuche, H.S., Pramod, D.: CSL: FPGA implementation of lightweight block cipher for power-constrained devices. Int. J. Inf. Comput. Secur. 12(2–3), 349–377 (2020). https://doi.org/10.1504/IJICS.2020.105185

    Article  Google Scholar 

  28. Sarma, S.N.S., Lamkuche, H.H., Umamaheswari, S.: A review of secret sharing schemes. Res. J. Inf. Technol. 5(2) (2013). https://doi.org/10.3923/rjit.2013.67.72

  29. Church, K.W.: Word2Vec. Nat. Lang. Eng. 23(1) (2017). https://doi.org/10.1017/s1351324916000334

  30. Sutskever, I., Vinyals, O., Le, Q.V.: Sequence to sequence learning with neural networks. Adv. Neural Inf. Process. Syst. 4(January) (2014)

    Google Scholar 

  31. Ramesh, A., Pradhan, V., Lamkuche, H.: Understanding and analysing resource utilization, costing strategies and pricing models in cloud computing. In: Journal of Physics: Conference Series, vol. 1964, no. 4 (2021). https://doi.org/10.1088/1742-6596/1964/4/042049

  32. Kumar, S., Kumar, D., Lamkuche, H.S.: TPA auditing to enhance the privacy and security in cloud systems. J. Cyber Secur. Mobility 10(3), 537–568 (2021). https://doi.org/10.13052/jcsm2245-1439.1033

    Article  Google Scholar 

  33. Lamkuche, H.S., Kondaveety, V.B., Sapparam, V.L., Singh, S., Rajpurkar, R.D.: Enhancing the security and performance of cloud for e-governance infrastructure: Secure E-MODI. Int. J. Cloud Appl. Comput. 12(1) (2022). https://doi.org/10.4018/IJCAC.2022010108

  34. Lamkuche, H.S., Singh, K., Shirkhedkar, K.: A lightweight block cipher for cloud-based healthcare systems. In Computing, Communication and Learning: First International Conference, CoCoLe 2022, Warangal, India, 27–29 October 2022, Proceedings, pp. 3–14. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-21750-0_1

  35. Agarwal, D., Gurele, S., Lamkuche, H.S.: SAILFISH-I: a lightweight block cipher for cloud-enabled fog devices. In 2022 IEEE 6th Conference on Information and Communication Technology (CICT), pp. 1–6. IEEE (2022)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Symbiosis University of Applied Sciences (SUAS), Indore, India

    Anand Parmar

  2. School of Computing Science and Engineering, VIT Bhopal University, Kothrikalan, Sehore, 466114, Madhya Pradesh, India

    Hemraj Lamkuche

Authors
  1. Anand Parmar
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hemraj Lamkuche
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Anand Parmar .

Editor information

Editors and Affiliations

  1. Ahlia University, Manama, Bahrain

    Abdalmuttaleb M. A. Musleh Al-Sartawi

  2. Universiti Tun Hussein Onn Malaysia, Parit Raja, Malaysia

    Mohd Helmy Abd Wahab

  3. University of Portsmouth, Portsmouth, UK

    Khaled Hussainey

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Parmar, A., Lamkuche, H. (2024). Distributed Denial of Service Attack Detection Using Sequence-To-Sequence LSTM. In: M. A. Musleh Al-Sartawi, A., Helmy Abd Wahab, M., Hussainey, K. (eds) Global Economic Revolutions: Big Data Governance and Business Analytics for Sustainability. ICGER 2023. Communications in Computer and Information Science, vol 1999. Springer, Cham. https://doi.org/10.1007/978-3-031-50518-8_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-50518-8_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-50517-1

  • Online ISBN: 978-3-031-50518-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation