A DDoS attack detection scheme based on Bi-LSTM in SDN

Computer Engineering & Science ›› 2023, Vol. 45 ›› Issue (02): 277-285.

• Computer Network and Znformation Security • Previous Articles Next Articles

A DDoS attack detection scheme based on Bi-LSTM in SDN

BAI Jian-jing,GU Rui-chun,LIU Qing-he

(School of Information Engineering,Inner Mongolia University of Science & Technology,Baotou 014010,China)

Received:2022-03-10 Revised:2022-05-26 Accepted:2023-02-25 Online:2023-02-25 Published:2023-02-15

Abstract

Abstract: Aiming at the DDoS attack threat brought by massive access devices in the 5G Internet of Things (IoT) environment, considering the Software Defined Network (SDN) for the applicability of 5G IoT, a DDoS attack detection scheme using Long Short-Term Memory (LSTM) network in SDN environment is proposed, in order to improve the accuracy of DDoS attack detection. Based on the idea of divide-and-conquer algorithm, a lightweight distributed edge computing architecture, called Only Care Myself (OCM), is proposed. A Bi-LSTM based lightweight neural network is deployed on idle edge nodes in IoT to complete the detection task, which increases the flexibility of detection while maintaining the accuracy. The performance index of the proposed scheme was evaluated on the ISCX2012 dataset, and the feasibility of the proposed scheme is verified. Experimental results show that the proposed scheme can accurately detect DDoS attacks and effectively mitigate DDoS attacks.

Key words: software defined network(SDN), 5G, distributed denial of service(DDoS), Internet of Things (IoT), network security

BAI Jian-jing, GU Rui-chun, LIU Qing-he. A DDoS attack detection scheme based on Bi-LSTM in SDN[J]. Computer Engineering & Science, 2023, 45(02): 277-285.

[1]	HUANG Xiaopeng1,HUANG Chuanhe1,NONG Huangwu1,Yang Danfeng1,YANG Jinling2. End-to-end delay in software defined networks [J]. J4, 20160101, 38(01): 67-72.
[2]	GUO Chang-hao, TANG Xiang-yun, WENG Yu. A data heterogeneity processing method based on asynchronous hierarchical federated learning [J]. Computer Engineering & Science, 2024, 46(07): 1237-1244.
[3]	LI Rong-chun, ZHOU Xin, WANG Qing-lin, MEI Song-zhu. High-throughput parallel baseband processing algorithms based on GPUs for satellite communication [J]. Computer Engineering & Science, 2023, 45(10): 1720-1730.
[4]	NIE Lei, LIU Bo, LI Peng, HE Heng, . A multi-agent Q-learning based selection method for heterogeneous vehicular network [J]. Computer Engineering & Science, 2021, 43(05): 836-844.
[5]	XIE Feng. Application and research of immersive classroom teaching based on virtual reality technology in 5G networks [J]. Computer Engineering & Science, 2019, 41(增刊S1): 14-17.
[6]	ZHANG Ruizhi1,TANG Xiangyan1,CHENG Jieren1,2 . A DDoS attack security situation assessment model based on improved fuzzy C-means clustering [J]. Computer Engineering & Science, 2018, 40(11): 1957-1966.
[7]	LI Yingzhi1，XIAO Laiyuan2. A study on the smart city server system based on contextaware technology [J]. J4, 2016, 38(03): 443-448.
[8]	HUANG Xiaopeng1,HUANG Chuanhe1,NONG Huangwu1,Yang Danfeng1,YANG Jinling2. End-to-end delay in software defined networks [J]. J4, 2016, 38(01): 67-72.
[9]	CAI Ting1,CHEN Changzhi1,OUYANG Kai2,ZHOU Jingli2. An improved access control strategy for perceptual layer of IoT [J]. J4, 2015, 37(07): 1265-1271.
[10]	YAO Zhongmin,YAO Tianjian,LONG Zhaopeng,LI Qiang. Design of taxi dispatch system based on Internet of Things [J]. J4, 2014, 36(08): 1476-1481.

A DDoS attack detection scheme based on Bi-LSTM in SDN

PDF

Knowledge

Abstract

Cite this article

share this article

Related Articles 10

Recommended Articles

Metrics

Comments