Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Long Short-Term Memory Recurrent Neural Network for detecting DDoS flooding attacks within TensorFlow Implementation framework.
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
2017 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Distributed Denial of Service (DDoS) attacks is one of the most widespread security attacks to internet service providers. It is the most easily launched attack, but very difficult and expensive to detect and mitigate. In view of the devastating effect of DDoS attacks, there has been the increase on the adaptation of a network detection technique to reveal the presence of DDoS attack before huge traffic buildup to prevent service availability.

Several works done on DDoS attack detection reveals that, the conventional DDoS attack detection methods based on statistical divergence is useful, however, the large surface area of the internet which serve as the main conduit for DDoS flooding attacks to occur, makes it difficult to use this approach to detect attacks on the network. Hence this research work is focused on using detection techniques based on a deep learning technique, because it is proven as the most effective detection technique against DDoS attacks.

Out of the several deep neural network techniques available, this research focuses on one aspect of recurrent neural network called Long Short-Term Memory (LSTM) and TensorFlow framework to build and train a deep neural network model to detect the presence of DDoS attacks on a network. This model can be used to develop an Intrusion Detection System (IDS) to aid in detecting DDoS attacks on the network. Also, at the completion of this project, the expectation of the produced model is to have a higher detection accuracy rates, and a low false alarm rates.

Design Science Research Methodology (DSRM) was used to carry out this project. The test experiment for this work was performed on CPU and GPU base systems to determine the base system's effect on the detection accuracy of the model.

To achieve the set goals, seven evaluating parameters were used to test the model's detection accuracy and performance on both Central Processing Unit (CPU) and Graphics Processing Unit (GPU) systems.

The results reveal that the model was able to produce a detection accuracy of 99.968% on both CPU and GPU base system which is better than the results by Yuan et al. [55] which is 97.606%. Also the results prove that the model's performance does not depend on the based system used for the training but rather depends on the dataset size. However, the GPU systems train faster than CPU systems. It also revealed that increasing the value of epochs during training does not affect the models detection accuracy but rather extends the training time.

This model is limited to detecting 17 different attack types on maintaining the same detection accuracy mentioned above. Further future work should be done to increase the detecting attack type to unlimited so that it will be able to detect all attack types.

Place, publisher, year, edition, pages
2017. , p. 91
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:ltu:diva-66802OAI: oai:DiVA.org:ltu-66802DiVA, id: diva2:1160966
Educational program
Information Security, master's level (120 credits)
Supervisors
Examiners
Available from: 2017-12-01 Created: 2017-11-28 Last updated: 2018-03-09Bibliographically approved

Open Access in DiVA

fulltext(10377 kB)166 downloads
File information
File name FULLTEXT02.pdfFile size 10377 kBChecksum SHA-512
19bf59ed117c998fb97e8b3d3e96764e1a1a262f0b826e6c27d1af250ec32a501639be18f37f87ea2b136ef6e2348b79b93375529c369c5d38fab9c04abef9c6
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Bediako, Peter Ken
By organisation
Computer Science
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 166 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 1284 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf