Detection of DDoS Attacks using Fine-Tuned Multi-Layer Perceptron Models
Received: 11 July 2024 | Revised: 22 July 2024 | Accepted: 28 July 2024 | Online: 9 October 2024
Corresponding author: Ahmad Sanmorino
Abstract
This study addresses a major cybersecurity challenge by focusing on the detection of Distributed Denial of Service (DDoS) attacks. These attacks pose a major threat to online services by overwhelming targets with traffic from multiple sources. Traditional detection approaches often fail to adapt to changing attack patterns, necessitating advanced machine-learning techniques. This study proposes a fine-tuned Multi-Layer Perceptron (MLP) model to improve DDoS detection accuracy while reducing false positives. This study uses fine-tuning techniques, such as hyperparameter optimization and transfer learning, to build a robust and adaptive detection framework. After extensive experiments with multiple data splits and cross-validation, the fine-tuned MLP model exhibited strong performance metrics with an average accuracy of 98.5%, precision of 98.1%, recall of 97.8%, and F1 score of 97.9%. These findings demonstrate the model's ability to successfully distinguish between benign and malicious traffic, enhancing network security and resilience. By overcoming the limitations of existing detection methods, this study adds new insights to the field of cybersecurity, providing a more precise and efficient approach to DDoS detection.
Keywords:
DDoS detection, Multi-Layer Perceptron, Machine learning, Hyperparameter optimization, Cyber securityDownloads
References
M. M. Inuwa and R. Das, "A comparative analysis of various machine learning methods for anomaly detection in cyber attacks on IoT networks," Internet of Things, vol. 26, Jul. 2024, Art. no. 101162.
A. D. Vibhute, C. H. Patil, A. V. Mane, and K. V. Kale, "Towards Detection of Network Anomalies using Machine Learning Algorithms on the NSL-KDD Benchmark Datasets," Procedia Computer Science, vol. 233, pp. 960–969, Jan. 2024.
B. Bala and S. Behal, "AI techniques for IoT-based DDoS attack detection: Taxonomies, comprehensive review and research challenges," Computer Science Review, vol. 52, May 2024, Art. no. 100631.
U. H. Garba, A. N. Toosi, M. F. Pasha, and S. Khan, "SDN-based detection and mitigation of DDoS attacks on smart homes," Computer Communications, vol. 221, pp. 29–41, May 2024.
M. Alazab, R. Abu Khurma, P. A. Castillo, B. Abu-Salih, A. Martín, and D. Camacho, "An effective networks intrusion detection approach based on hybrid Harris Hawks and multi-layer perceptron," Egyptian Informatics Journal, vol. 25, Mar. 2024, Art. no. 100423.
C. Tian, F. Zhang, and R. Wang, "Adversarial regularized attributed network embedding for graph anomaly detection," Pattern Recognition Letters, vol. 183, pp. 111–116, Jul. 2024.
Y. K. Saheed, O. H. Abdulganiyu, K. U. Majikumna, M. Mustapha, and A. D. Workneh, "ResNet50-1D-CNN: A new lightweight resNet50-οne-dimensional convolution neural network transfer learning-based approach for improved intrusion detection in cyber-physical systems," International Journal of Critical Infrastructure Protection, vol. 45, Jul. 2024, Art. no. 100674.
P. R. Kanna and P. Santhi, "Hybrid Intrusion Detection using MapReduce based Black Widow Optimized Convolutional Long Short-Term Memory Neural Networks," Expert Systems with Applications, vol. 194, May 2022, Art. no. 116545.
S. Fraihat, S. Makhadmeh, M. Awad, M. A. Al-Betar, and A. Al-Redhaei, "Intrusion detection system for large-scale IoT NetFlow networks using machine learning with modified Arithmetic Optimization Algorithm," Internet of Things, vol. 22, Jul. 2023, Art. no. 100819.
Y. Cao, Z. Wang, H. Ding, J. Zhang, and B. Li, "An intrusion detection system based on stacked ensemble learning for IoT network," Computers and Electrical Engineering, vol. 110, Sep. 2023, Art. no. 108836.
M. P. Novaes, L. F. Carvalho, J. Lloret, and M. L. Proença, "Long Short-Term Memory and Fuzzy Logic for Anomaly Detection and Mitigation in Software-Defined Network Environment," IEEE Access, vol. 8, pp. 83765–83781, 2020.
S. Haider et al., "A Deep CNN Ensemble Framework for Efficient DDoS Attack Detection in Software Defined Networks," IEEE Access, vol. 8, pp. 53972–53983, 2020.
A. Chen, Y. Fu, X. Zheng, and G. Lu, "An efficient network behavior anomaly detection using a hybrid DBN-LSTM network," Computers & Security, vol. 114, Mar. 2022, Art. no. 102600.
A. Namavar Jahromi et al., "An improved two-hidden-layer extreme learning machine for malware hunting," Computers & Security, vol. 89, Feb. 2020, Art. no. 101655.
L. Tan, Y. Pan, J. Wu, J. Zhou, H. Jiang, and Y. Deng, "A New Framework for DDoS Attack Detection and Defense in SDN Environment," IEEE Access, vol. 8, pp. 161908–161919, 2020.
A. E. Cil, K. Yildiz, and A. Buldu, "Detection of DDoS attacks with feed forward based deep neural network model," Expert Systems with Applications, vol. 169, May 2021, Art. no. 114520.
A. Protogerou, S. Papadopoulos, A. Drosou, D. Tzovaras, and I. Refanidis, "A graph neural network method for distributed anomaly detection in IoT," Evolving Systems, vol. 12, no. 1, pp. 19–36, Mar. 2021.
S. ur Rehman et al., "DIDDOS: An approach for detection and identification of Distributed Denial of Service (DDoS) cyberattacks using Gated Recurrent Units (GRU)," Future Generation Computer Systems, vol. 118, pp. 453–466, May 2021.
M. S. Elsayed, N. A. Le-Khac, S. Dev, and A. D. Jurcut, "DDoSNet: A Deep-Learning Model for Detecting Network Attacks," in 2020 IEEE 21st International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM), Cork, Ireland, Aug. 2020, pp. 391–396.
A. Sanmorino, R. Gustriansyah, and J. Alie, "DDoS Attacks Detection Method Using Feature Importance and Support Vector Machine," JUITA : Jurnal Informatika, vol. 10, no. 2, Nov. 2022, Art. no. 167.
A. Sanmorino, "A study for DDOS attack classification method," Journal of Physics: Conference Series, vol. 1175, no. 1, Nov. 2019, Art. no. 012025.
A. Sanmorino and S. Yazid, "DDoS Attack detection method and mitigation using pattern of the flow," in 2013 International Conference of Information and Communication Technology (ICoICT), Bandung, Indonesia, Mar. 2013, pp. 12–16.
U. H. Garba, A. N. Toosi, M. F. Pasha, and S. Khan, "SDN-based detection and mitigation of DDoS attacks on smart homes," Computer Communications, vol. 221, pp. 29–41, May 2024.
A. Sanmorino and H. D. Kesuma, "Fine-tuning a pre-trained ResNet50 model to detect distributed denial of service attack," Bulletin of Electrical Engineering and Informatics, vol. 13, no. 2, pp. 1362–1370, Apr. 2024.
A. Sanmorino, Ermatita, and Samsuryadi, "The Preliminary Results of the Kms Model with Additional Elements of Gamification to Optimize Research Output in a Higher Education Institution," International Journal of Engineering and Advanced Technology, vol. 8, no. 5, pp. 554–559, 2019.
S. M. Altowaijri and Y. E. Touati, "Securing Cloud Computing Services with an Intelligent Preventive Approach," Engineering, Technology & Applied Science Research, vol. 14, no. 3, pp. 13998–14005, Jun. 2024.
M. H. H. Khairi, S. H. S. Ariffin, N. M. A. Latiff, A. S. Abdullah, and M. K. Hassan, "A Review of Anomaly Detection Techniques and Distributed Denial of Service (DDoS) on Software Defined Network (SDN)," Engineering, Technology & Applied Science Research, vol. 8, no. 2, pp. 2724–2730, Apr. 2018.
G. G. Gebremariam, J. Panda, and S. Indu, "Secure localization techniques in wireless sensor networks against routing attacks based on hybrid machine learning models," Alexandria Engineering Journal, vol. 82, pp. 82–100, Nov. 2023.
Md. A. Talukder and Md. A. Uddin, "CIC-DDoS2019 Dataset." Mendeley, Mar. 03, 2023.
S. Choudhary and N. Kesswani, "Analysis of KDD-Cup’99, NSL-KDD and UNSW-NB15 Datasets using Deep Learning in IoT," Procedia Computer Science, vol. 167, pp. 1561–1573, Jan. 2020.
Downloads
How to Cite
License
Copyright (c) 2024 Ahmad Sanmorino, Luis Marnisah, Hendra Di Kesuma
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.