Overview of methods for detecting distributed denial-of-service attacks based on machine learning and deep learning

Tatiana Klimenko, Radmir Akzhigitov


Distributed denial of service (DDoS) attacks pose a serious threat to network security. In a Denial of Service (DOS) attack, a single source performs the attack, while DDoS uses multiple hosts to attack the system. It is very difficult to identify the source of the attack when such an attack occurs, since the attacker hides his identity by spoofing his IP address.      How to detect DDoS attacks and defend against them is currently an urgent topic both in industry and in scientific circles. This article discusses the mechanism of DDoS attacks and DDoS attack models, the main methods of launching DDoS attacks, types of attacks according to the OSI model and a more detailed description of the types of DDoS attacks aimed at a specific vulnerability. This article systematizes the methods of machine and deep learning used to detect DDoS attacks. In addition to describing the methods themselves, examples of studies where these methods were used to detect DDoS attacks are also given. At the end of the article, examples of environments vulnerable to DDoS attacks are given. This article will help you get acquainted with modern effective methods of detecting DDoS attacks.

Full Text:

PDF (Russian)


Zekri, M., Kafhali, S. E., Aboutabit, N., & Saadi, Y. (2017). DDoS attack detection using machine learning techniques in cloud computing environments. 2017 3rd International Conference of Cloud Computing Technologies and Applications (CloudTech). doi:10.1109/cloudtech.2017.8284731

Ahmad, Jalal Ale. “A Comprehensive Taxonomy of DDoS Attacks and Defense Mechanism Applying in a Smart Classification.”, WSEAS TRANSACTIONS on COMPUTERS, 2008

DoS and DDoS vulnerability of IoT: A review, Emina Džaferović et al., Sustainable Engineering and Innovation, Vol. 1, No. 1., June 2019, pp.43-48 https://doi.org/10.37868/sei.v1i1.36

Mahjabin, T., Xiao, Y., Sun, G., & Jiang, W. (2017). A survey of distributed denial-of-service attack, prevention, and mitigation techniques. International Journal of Distributed Sensor Networks, 13(12), 155014771774146. doi:10.1177/1550147717741463

Prevention Techniques against Distributed Denial of Service Attacks in Heterogeneous Networks: A Systematic Review, Ammarah Cheema et al., 2022, Security and Communication Networks Volume 2022, https://doi.org/10.1155/2022/8379532

Zhang, Boyang et al. “DDoS detection and prevention based on artificial intelligence techniques.” 2017 3rd IEEE International Conference on Computer and Communications (ICCC) (2017): 1276-1280.

B. B. Gupta , R. C. Joshi & Manoj Misra (2009) Defending against Distributed Denial of Service Attacks:Issues and Challenges, Information Security Journal: A Global Perspective, 18:5,224-247,DOI:10.1080/19393550903317070

Vishwakarma, R., & Jain, A. K. (2019). A survey of DDoS attacking techniques and defence mechanisms in the IoT network. Telecommunication Systems. doi:10.1007/s11235-019-00599-z

Machine Learning and Deep Learning Methods for Intrusion Detection Systems: A Survey, Hongyu Liu and Bo Lang, Appl. Sci. 2019, 9, 4396; doi:10.3390/app9204396.

Choudhary, R., & Gianey, H. K. (2017). Comprehensive Review On Supervised Machine Learning Algorithms. 2017 International Conference on Machine Learning and Data Science (MLDS). doi:10.1109/mlds.2017.11.

Machine learning and deep learning methods for intrusion detection systems: recent developments and challenges, Geeta Kocher and Gulshan Kumar, Soft Computing (2021) 25:9731–9763, https://doi.org/10.1007/s00500-021-05893-0.

N. Bakhareva, A. Shukhman, A. Matveev, P. Polezhaev, Y. Ushakov and L. Legashev, "Attack Detection in Enterprise Networks by Machine Learning Methods," 2019 International Russian Automation Conference (RusAutoCon), Sochi, Russia, 2019, pp. 1-6.

Saini, P. S., Behal, S., & Bhatia, S. (2020). Detection of DDoS Attacks using Machine Learning Algorithms. 2020 7th International Conference on Computing for Sustainable Global Development (INDIACom). doi:10.23919/indiacom49435.2020.9083716

Developing Realistic Distributed Denial of Service (DDoS) Attack Dataset and Taxonomy, Iman Sharafaldin et al.,978-1-7281-1576-4/19/$31.00 c 2019 IEEE.

Priya, S. S., Sivaram, M., Yuvaraj, D., & Jayanthiladevi, A. (2020). Machine Learning based DDOS Detection. 2020 International Conference on Emerging Smart Computing and Informatics (ESCI). doi:10.1109/esci48226.2020.9167642.

RoopakM, Tian GY, Chambers J (2020) An intrusion detection system against DDoS attacks in IoT networks. In: 2020 10th annual Computing and Communication Workshop and Conference, CCWC 2020. Institute of Electrical and Electronics Engineers Inc., pp 562–567

A Review on Cybersecurity based on Machine Learning and Deep Learning Algorithms, Alan Fuad Jahwar and Siddeeq Y. Ameen, JOURNAL OF SOFT COMPUTING AND DATA MINING VOL.2 NO. 2 (2021) 14-25.

Dhall, D., Kaur, R., Juneja, M. (2020). Machine Learning: A Review of the Algorithms and Its Applications. In: Singh, P., Kar, A., Singh, Y., Kolekar, M., Tanwar, S. (eds) Proceedings of ICRIC 2019 . Lecture Notes in Electrical Engineering, vol 597. Springer, https://doi.org/10.1007/978-3-030-29407-6_5.

Machine learning methods: An overview, Ravil I Muhamedyev, COMPUTER MODELLING & NEW TECHNOLOGIES 2015 19(6) 14-29.

Kasim Ö (2020) An efficient and robust deep learning based network anomaly detection against distributed denial of service attacks. Comput Netw 180:107390

Ramadhan, I., Sukarno, P., & Nugroho, M. A. (2020). Comparative Analysis of K-Nearest Neighbor and Decision Tree in Detecting Distributed Denial of Service. 2020 8th International Conference on Information and Communication Technology (ICoICT). doi:10.1109/icoict49345.2020.9166380

Dash, S.S., Nayak, S.K., Mishra, D. (2021). A Review on Machine Learning Algorithms. In: Mishra, D., Buyya, R., Mohapatra, P., Patnaik, S. (eds) Intelligent and Cloud Computing. Smart Innovation, Systems and Technologies, vol 153. Springer, Singapore. https://doi.org/10.1007/978-981-15-6202-0_51.

Sofi, Irfan Ahmad et al., Machine Learning Techniques used for the Detection and Analysis of Modern Types of DDoS Attacks, International Research Journal of Engineering and Technology (IRJET),2017.

Dasgupta, D., Akhtar, Z., & Sen, S. (2020). Machine learning in cybersecurity: a comprehensive survey. The Journal of Defense Modeling and Simulation: Applications, Methodology, Technology, 154851292095127. doi:10.1177/1548512920951275.

Tuan, T. et al., (2019). Performance evaluation of Botnet DDoS attack detection using machine learning. Evolutionary Intelligence. doi:10.1007/s12065-019-00310-w

Min, E., Long, J., Liu, Q., Cui, J., Chen, W. TR-IDS: Anomaly-based Intrusion Detection Through Text- Convolutional Neural Network and Random Forest. Security and Communication Networks, 2018

Martínez Torres, J., Iglesias Comesaña, C., & García-Nieto, P. J. (2019). Review: machine learning techniques applied to cybersecurity. International Journal of Machine Learning and Cybernetics. doi:10.1007/s13042-018-00906-1.

Mighan, S. N., Kahani, M. Deep Learning based Latent Feature Extraction for Intrusion Detection. Proceed¬ings of Iranian Conference on Electrical Engineering (ICEE), Mashhad, Iran, May 08-10, 2018, 1511-1516. https://doi.org/10.1109/ICEE.2018.8472418.

Tsoukalas L.H., Uhrig R.E. (1997) Fuzzy and neural approaches in engineering. 18216097198.

Pillutla H, Arjunan A. Fuzzy self organizing maps-based DDoS mitigation mechanism for software defined networking in cloud computing. J Ambient Intell Humaniz Comput 2019;10:1547–59

Lysenko, S., Bobrovnikova, K., Shchuka, R., & Savenko, O. (2020). A Cyberattacks Detection Technique Based on Evolutionary Algorithms. 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies (DESSERT). doi:10.1109/dessert50317.2020.9125016.

Sarker, I. H. (2021). Deep Cybersecurity: A Comprehensive Overview from Neural Network and Deep Learning Perspective. SN Computer Science, 2(3). doi:10.1007/s42979-021-00535-6.

Rios, V. de M., Inácio, P. R. M., Magoni, D., & Freire, M. M. (2021). Detection of reduction-of-quality DDoS attacks using Fuzzy Logic and machine learning algorithms. Computer Networks, 186, 107792. doi:10.1016/j.comnet.2020.107792.

Roopak, Monika et al. “Deep Learning Models for Cyber Security in IoT Networks.” 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC) (2019): 0452-0457.

C. Benzaïd, M. Boukhalfa and T. Taleb, "Robust Self-Protection Against Application-Layer (D)DoS Attacks in SDN Environment," 2020 IEEE Wireless Communications and Networking Conference (WCNC), Seoul, Korea (South), 2020, pp. 1-6, doi: 10.1109/WCNC45663.2020.9120472.

Deep Learning Applications In Cyber Security: A Comprehensive Review, Challenges And Prospects, Bhavuk Sharma and Ramchandra Mangrulkar, International Journal of Engineering Applied Sciences and Technology, 2019, Vol. 4, Issue 8, ISSN No. 2455-2143, Pages 148-159.

Berman, D., Buczak, A., Chavis, J., & Corbett, C. (2019). A Survey of Deep Learning Methods for Cyber Security. Information, 10(4), 122. doi:10.3390/info10040122.

Deep Learning for Cyber Security Applications: A Comprehensive Survey, Vinayakumar Ravi et al.,2021.

A. R. Shaaban, E. Abd-Elwanis and M. Hussein, "DDoS attack detection and classification via Convolutional Neural Network (CNN)," 2019 Ninth International Conference on Intelligent Computing and Information Systems (ICICIS), Cairo, Egypt, 2019, pp. 233-238, doi: 10.1109/ICICIS46948.2019.9014826.

Ferrag, M. A., Maglaras, L., Janicke, H., Smith, R. Deep Learning Techniques for Cyber Security Intrusion Detec¬tion: A Detailed Analysis. Proceedings of 6th Internation¬al Symposium for ICS & SCADA Cyber Security Research 2019 (ICS-CSR), Athens, Greece, September 10-12, 2019, 126-136. https://doi.org/10.14236/ewic/icscsr19.16.

Xu, C., Shen, J., Du, X. Low-rate DoS Attack Detection Method Based on Hybrid Deep Neural Networks. Jour-nal of Information Security and Applications, 2021, 60, 102879. https://doi.org/10.1016/j.jisa.2021.102879.

Wu, Y., Wei, D., & Feng, J. (2020). Network Attacks Detection Methods Based on Deep Learning Techniques: A Survey. Security and Communication Networks, 2020, 1–17. doi:10.1155/2020/8872923.

Li, C., Wu, Y., Yuan, X., Sun, Z., Wang, W., Li, X., Gong, L. Detection and Defense of DDoS Attack-Based on Deep Learning in Openflow-Based SDN. International Jour¬nal of Communication Systems, 2018, 31(5), e3497 https://doi.org/10.1002/dac.3497.

Shieh, C. S., Lin, W. W., Nguyen, T. T., Chen, C. H., Horng, M. F., Miu, D. Detection of Unknown DDoS At-tacks with Deep Learning and Gaussian Mixture Mod¬el. Applied Sciences, 2021, 11(11), 5213. https://doi. org/10.3390/app11115213.

Liu, L., Lin, J., Wang, P., Liu, L., Zhou, R. Deep Learn-ing-Based Network Security Data Sampling and Anomaly Prediction in Future Network. Discrete Dynamics in Nature and Society, 2020. https://doi. org/10.1155/2020/4163825.

Kohonen, T. Self-organized formation of topologically correct feature maps. Biol. Cybern. 43, 59–69 (1982). https://doi.org/10.1007/BF00337288.

Self-Organization Map (SOM) Algorithm for DDoS Attack Detection in Distributed Software Defined Network (D-SDN), Mohsen Rafiee and Alireza shirmarz, Journal of Information Systems and Telecommunication Vol.10, No.2, April-June 2022, 120-131

Dixit, P., & Silakari, S. (2021). Deep Learning Algorithms for Cybersecurity Applications: A Technological and Status Review. Computer Science Review, 39, 100317. doi:10.1016/j.cosrev.2020.100317.

Yadav, S., Subramanian, S. Detection of Application Layer DDoS Attack by Feature Learning using Stacked AutoEncoder. Proceedings of International Confer¬ence on Computational Techniques in Information and Communication Technologies (ICCTICT), New Delhi, March 11-13, 2016, 361-366. https://doi.org/10.1109/ ICCTICT.2016.7514608.

K. Yang, J. Zhang, Y. Xu and J. Chao, "DDoS Attacks Detection with AutoEncoder," NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium, Budapest, Hungary, 2020, pp. 1-9, doi: 10.1109/NOMS47738.2020.9110372.

Ali, S., and Li, Y. Learning Multilevel Auto-Encoders for DDoS Attack Detection in Smart Grid Network. IEEE Access, 2019, 7, 108647-108659. https://doi. org/10.1109/ACCESS.2019.2933304.

Mayuranathan, M., Murugan, M., & Dhanakoti, V. (2019). Best features based intrusion detection system by RBM model for detecting DDoS in cloud environment. Journal of Ambient Intelligence and Humanized Computing. doi:10.1007/s12652-019-01611-9.

Ibrahim Yousif IBRAHIM and Sefer KURNAZ, A NEW DISTRIBUTED DENIAL-OF-SERVICE DETECTION SYSTEM IN CLOUD ENVIRONMENT BY USING DEEP BELIEF NETWORKS, Commun.Fac.Sci.Univ.Ank.Series A2-A3, Volume 63, Number 1, Pages 17-24 (2021), DOI: 10.33769/aupse.697067.

Sabeel, U., Heydari, S. S., Mohanka, H., Bendhaou, Y., El¬gazzar, K., El-Khatib, K. Evaluation of Deep Learning in Detecting Unknown Network Attacks. Proceedings of International Conference on Smart Applications, Communications and Networking (SmartNets), South Sinai Governorate, Egypt, December 17-18, 2019, 1-6. https:// doi.org/10.1109/SmartNets48225.2019.9069788.

Kasongo, S. M., Sun, Y. A Deep Learning Method with Wrapper based Feature Extraction for Wireless Intru-sion Detection System. Computers and Security, 2020, 92, 101752. https://doi.org/10.1016/j.cose.2020.101752.

Agarwal, A., Khari, M., Singh, R. Detection of DDOS At-tack using Deep Learning Model in Cloud Storage Ap-plication. Wireless Personal Communications, 2021, 1-21. https://doi.org/10.1007/s11277-021-08271-z

Makuvaza, A., Jat, D.S. & Gamundani, A.M. Deep Neural Network (DNN) Solution for Real-time Detection of Distributed Denial of Service (DDoS) Attacks in Software Defined Networks (SDNs). SN COMPUT. SCI. 2, 107 (2021). https://doi.org/10.1007/s42979-021-00467-1.

Artificial Neural Network for Cybersecurity: A Comprehensive Review, Institute of Information and Communication Technology, Bangladesh University of Engineering and Technology, Dhaka-1205, Prajoy Podder et al., 2021.

Shieh, C. et al.,Detection of Adversarial DDoS Attacks Using Generative Adversarial Networks with Dual Discriminators. Symmetry 2022, 14, 66. https://doi.org/10.3390/sym14010066

S. Haider et al., "A Deep CNN Ensemble Framework for Efficient DDoS Attack Detection in Software Defined Networks," in IEEE Access, vol. 8, pp. 53972-53983, 2020, doi: 10.1109/ACCESS.2020.2976908.

Elsayed M.S., Le-Khac N.A., Dev S, Jurcut A.D. (2020) DDoSNet: a deeplearning model for detecting network attacks. In: Proceedings— 21st IEEE international symposium on a World of Wireless, Mobile and Multimedia Networks, WoWMoM 2020. Institute of Electrical and Electronics Engineers Inc., pp 391–396

Srinivasan, K., Mubarakali, A., Alqahtani, A.S., Dinesh Kumar, A. (2020). A Survey on the Impact of DDoS Attacks in Cloud Computing: Prevention, Detection and Mitigation Techniques. In: Balaji, S., Rocha, Á., Chung, YN. (eds) Intelligent Communication Technologies and Virtual Mobile Networks. ICICV 2019. Lecture Notes on Data Engineering and Communications Technologies, vol 33. Springer, Cham. https://doi.org/10.1007/978-3-030-28364-3_24

Virupakshar KB, Asundi M, Channal K, Shettar P, Patil S, Narayan DG (2020) Distributed Denial of Service (DDoS) attacks detection system for OpenStack-based Private Cloud. Procedia Comput Sci 167:2297–2307.

Rozan Khader and Derar Eleyan, Survey of DoS/DDoS attacks in IoT, Sustainable Engineering and Innovation ISSN 2712-0562 Vol. 3, No. 1, January 2021, pp.23-28, https://doi.org/10.37868/sei.v3i1.124

F. Hussain, S. G. Abbas, M. Husnain, U. U. Fayyaz, F. Shahzad and G. A. Shah, "IoT DoS and DDoS Attack Detection using ResNet," 2020 IEEE 23rd International Multitopic Conference (INMIC), Bahawalpur, Pakistan, 2020, pp. 1-6, doi: 10.1109/INMIC50486.2020.9318216.

Amaizu G.C., Nwakanma C.I., Bhardwaj S, Lee J.M., KimDS (2021) Composite and efficient DDoS attack detection framework for B5G networks. Comput Netw 188:107871.

Rani, S., Saini, P. (2020). Fog Computing: Applications and Secure Data Aggregation. In: Gupta, B., Perez, G., Agrawal, D., Gupta, D. (eds) Handbook of Computer Networks and Cyber Security. Springer, Cham. https://doi.org/10.1007/978-3-030-22277-2_19

Priyadarshini R, Barik R.K. (2019) A deep learning based intelligent framework to mitigate DDoS attack in fog environment. J King Saud Univ Comput Inf Sci


  • There are currently no refbacks.

Abava  Кибербезопасность FRUCT 2023

ISSN: 2307-8162