| Title | DDoS Attack Detection Combining Time Series-based Multi-dimensional Sketch and Machine Learning |
| Publication Type | Conference Paper |
| Year of Publication | 2022 |
| Authors | Sun, Yanchao, Han, Yuanfeng, Zhang, Yue, Chen, Mingsong, Yu, Shui, Xu, Yimin |
| Conference Name | 2022 23rd Asia-Pacific Network Operations and Management Symposium (APNOMS) |
| Date Published | sep |
| Keywords | composability, computer networks, Costs, DDoS attack detection, denial-of-service attack, Human Behavior, Indexes, machine learning, machine learning algorithms, Metrics, Protocols, pubcrawl, resilience, Resiliency, The Boyer-Moore Voting Algorithm, Time Series-based Multi-dimensional Sketch |
| Abstract | Machine learning-based DDoS attack detection methods are mostly implemented at the packet level with expensive computational time costs, and the space cost of those sketch-based detection methods is uncertain. This paper proposes a two-stage DDoS attack detection algorithm combining time series-based multi-dimensional sketch and machine learning technologies. Besides packet numbers, total lengths, and protocols, we construct the time series-based multi-dimensional sketch with limited space cost by storing elephant flow information with the Boyer-Moore voting algorithm and hash index. For the first stage of detection, we adopt CNN to generate sketch-level DDoS attack detection results from the time series-based multi-dimensional sketch. For the sketch with potential DDoS attacks, we use RNN with flow information extracted from the sketch to implement flow-level DDoS attack detection in the second stage. Experimental results show that not only is the detection accuracy of our proposed method much close to that of packet-level DDoS attack detection methods based on machine learning, but also the computational time cost of our method is much smaller with regard to the number of machine learning operations. |
| Notes | ISSN: 2576-8565 |
| DOI | 10.23919/APNOMS56106.2022.9919958 |
| Citation Key | sun_ddos_2022 |
DDoS Attack Detection Combining Time Series-based Multi-dimensional Sketch and Machine Learning