DDoS Attack Detection via Multi-scale Convolutional Neural Network

  • Yifu Liu Hainan university
Keywords: DDoS attack detection, Convolutional neural network, Network flow feature extraction.


Distributed Denial-of-Service (DDoS) has made a major damage to the network in the big data environment. The existing methods have low calculation efficiency, high false alarm rate and missing alarm rate. In this paper, we propose a DDoS attack detection method based on network flow grayscale image feature via multi-scale convolutional neural network (CNN). According to the different characteristics of the attack flow and the network flow in the IP protocol, the seven-tuple is extracted in this method to describe the network traffic characteristics and converted into a grayscale feature by binary. Based on the network flow feature gray scale (GNFF), the convolution layer of different spatial scales is used to influence the segmentation precision and model storage, global features and local features of the network stream are extracted, and send the multi-scale feature into the softmax classifier. The classifier is trained with both normal samples and DDOS attack samples, and the normal network parameters are obtained. A DDoS attack classifier based on multi-scale convolution neural network is constructed. Experiments show that compared with similar methods, this method can improve the robustness of the model, the false alarm rate and missing alarm rate are reduce.

Articles on Computers