Distributed Denial of Service Attack Detection using Sequence-to-Sequence LSTM
Anand Parmar1* and Hemraj Lamkuche2
1Symbiosis University of Applied Sciences (SUAS), Indore, India
2School of Computing Science and Engineering, VIT Bhopal University, Kothrikalan, Sehore, Madhya Pradesh
*Corresponding Author: Anand Parmar, Symbiosis University of Applied Sciences (SUAS), Indore, India.
Published: March 12, 2024
Abstract  
Log files are a valuable source for finding out what is wrong with a system and how secure it is. They can be very large and have a complicated structure, which is why they are so useful. We use Machine Learning (ML) to find network anomalies and build several data-driven models to detect DDoS attacks. The main goal of this article is to reduce the number of misclassifications in DDoS detection. In this paper, we describe a method for security analysis that applies Deep Learning techniques such as simple LSTM, LSTM with embedding, and Seq-to-Seq LSTM to several system log files in order to find and extract data that may be related to distributed denial of service (DDoS) attacks made by malicious users who want to break into a system. Through a learning process, these data help to detect attacks, predict attacks, or find intrusions. In this study, we examined how different optimizers, the size of the hidden state, and the number of layers affect the same architecture in order to find the best configuration. Compared to other models, the proposed model correctly identified previously unseen DoS/DDoS packets with 98.95% accuracy.
Keywords: DDoS Attack Detection; Cyber Physical System; LSTM; Deep Learning; Machine Learning