ANN and DNN-based models for DDoS detection via network traffic forecasting

Other Title(s)

كشف هجمات رفض الخدمة الموزعة عبر التنبؤ بتدفق بيانات الشبكة باستخدام نماذج الشبكات العصبونية الاصطناعية و التعلم العميق

Dissertant

Jandari, Amjad Ibrahim

Thesis advisor

Abu Arqub, Abd al-Rahman

University

Middle East University

Faculty

Faculty of Information Technology

Department

Computer Science Department

University Country

Jordan

Degree

Master

Degree Date

2019

English Abstract

Cyber-attacks such as DDoS critically affect the available network bandwidth which means that by analyzing the coming network traffic, DDoS attacks can be detected. Detecting DDoS attacks is never a simple task. It typically relies on classifying the coming network requests and distinguishes between the traffic coming from attacking sources and the normal legitimate network traffic. One of the most efficient approaches for DDoS detection is via bandwidth forecasting as it provides a clear understanding of the legitimate traffic and helps determine the infected DDoS attack from the legitimate user traffic coming to the servers. Thus, this work proposes a DDoS detection method via forecasting network bandwidth using an Artificial Neural Networks (ANN) and Deep learning Neural Networks (DNN). The ANN models are Single-Layer Feedforward architecture ANN model, and SingleLayer Elman architecture ANN model. The DNN model is a Multi-Layer Feedforward Neural Network These models are built in MATLAB and are trained using a set of timeseries network traffic data set to first predict future traffic demands. Secondly, further analysis is applied to the forecasted bandwidth outcomes to detect DDoS attacks. All three models forecasting performance is critically analyzed and compared to each other in a number of network bandwidth training and predicting experiments of which all have achieved extremely high forecasting results of accuracy rates above 97.8% Such results of forecasting performance of the proposed ANN models allow for further analysis of the forecasted bandwidth for DDoS detection by comparing the outcomes of the ANN forecasting model to the actual coming traffic. The results of this work have shown that the DNN model and the single-layer feedforward NN model have the highest accuracy rates in comparison to the previously proposed recurrent NN and the competitive NN models.

Main Topic

Information Technology and Computer Science

No. of Pages

46

Table of Contents

Table of contents.

Abstract.

Abstract in Arabic.

Chapter One : Introduction.

Chapter Two : Literature review and related work.

Chapter Three : Methodology and the proposed model.

Chapter Four : Experimental results and discussion.

Chapter Five : Conclusion and future work.

References.

American Psychological Association (APA)

Jandari, Amjad Ibrahim. (2019). ANN and DNN-based models for DDoS detection via network traffic forecasting. (Master's theses Theses and Dissertations Master). Middle East University, Jordan
https://search.emarefa.net/detail/BIM-899292

Modern Language Association (MLA)

Jandari, Amjad Ibrahim. ANN and DNN-based models for DDoS detection via network traffic forecasting. (Master's theses Theses and Dissertations Master). Middle East University. (2019).
https://search.emarefa.net/detail/BIM-899292

American Medical Association (AMA)

Jandari, Amjad Ibrahim. (2019). ANN and DNN-based models for DDoS detection via network traffic forecasting. (Master's theses Theses and Dissertations Master). Middle East University, Jordan
https://search.emarefa.net/detail/BIM-899292

Language

English

Data Type

Arab Theses

Record ID

BIM-899292