Skip to main content
Springer Nature Link
Log in

E-SDNN: encoder-stacked deep neural networks for DDOS attack detection

  • Original Article
  • Published:
Neural Computing and Applications Aims and scope Submit manuscript

Abstract

The increasing reliance on internet-based services has heightened the vulnerability of network infrastructure to cyberattacks, particularly distributed denial of service (DDoS) attacks. These attacks can cause severe disruptions and significant financial losses. Early detection of malicious traffic is crucial in effectively combating such threats. This paper presents an innovative approach called the Encoder-Stacked deep neural networks (E-SDNN) model, which leverages Stacked/bagged multi-layer perceptrons (MLP) for accurate DDoS attack detection. The proposed method employs an encoder to select pertinent features from a preprocessed dataset, enabling precise attack detection. Extensive experiments were conducted on benchmark cybersecurity datasets, namely CICDS2017 and CICDDoS2019, encompassing various DDoS attack scenarios. The experimental results demonstrate the superiority of the E-SDNN model compared to state-of-the-art methods. The proposed E-SDNN model achieved an impressive overall accuracy rate of 99.94% and 98.86% for CICDDS2017 and CICDDoS2019, respectively.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11

Similar content being viewed by others

Explore related subjects

Discover the latest articles, news and stories from top researchers in related subjects.

Data availability

The CICDS 2017 and CICDDoS2019 datasets were obtained from the Canadian Institute for Cybersecurity repository (https://www.unb.ca/cic/datasets.html). The CICDS 2017 dataset details and principles are outlined in [44]. In addition, the code is available on request.

Notes

  1. DDoS 2019 | Datasets | Research | Canadian Institute for Cybersecurity | UNB.

References

  1. Da Costa KA, Papa JP, Lisboa CO, Munoz R, de Albuquerque VHC (2019) Internet of things: a survey on machine learning-based intrusion detection approaches. Comput Network 151:147–157. https://doi.org/10.1016/j.comnet.2019.01.023

    Article  Google Scholar 

  2. Hajiheidari S, Wakil K, Badri M, Navimipour NJ (2019) Intrusion detection systems in the internet of things: a comprehensive investigation. Comput Network 160:165–191. https://doi.org/10.1016/j.comnet.2019.05.014

    Article  Google Scholar 

  3. Zehra U, Shah MA (2017) A survey on resource allocation in software defined networks (sdn). In: 2017 23rd International conference on automation and computing. ICAC, pp 16. https://doi.org/10.23919/IConAC.2017.8082092

  4. Farris I, Taleb T, Khettab Y, Song J (2019) A survey on emerging sdn and nfv security mechanisms for iot systems. IEEE Commun Surv Tutor 21:812–837. https://doi.org/10.1109/COMST.2018.2862350

    Article  Google Scholar 

  5. Zhang S, Wang Y, Zhou W (2019) Towards secure 5g networks: a survey. Comput Network 162:106871. https://doi.org/10.1016/j.comnet.2019.106871

    Article  Google Scholar 

  6. Lopez-Martin M, Carro B, Sanchez-Esguevillas A, Lloret J (2017) Conditional variational autoencoder for prediction and feature recovery applied to intrusion detection in IoT. Sensors. https://doi.org/10.3390/s17091967

    Article  Google Scholar 

  7. Wang P, Yang LT, Nie X, Ren Z, Li J, Kuang L (2020) Data-driven software defined network attack detection: state-of-the-art and perspectives. Inf Sci 513:65–83. https://doi.org/10.1016/j.ins.2019.08.047

    Article  Google Scholar 

  8. Correa Chica JC, Imbachi JC, Botero Vega JF (2020) Security in sdn: a comprehensive survey. J Netw Comput Appl 159:102595. https://doi.org/10.1016/j.jnca.2020.102595

    Article  Google Scholar 

  9. Jinhui W (2019) The current main distributed denial of service and defence methods. In: 2019 12th International conference on intelligent computation technology and automation (ICICTA), Xiangtan, China, pp 351355

  10. SaiSindhuTheja R, Shyam GK (2021) An efficient metaheuristic algorithm based feature selection and recurrent neural network for DoS attack detection in cloud computing environment. Appl Soft Comput 100:106997

    Article  Google Scholar 

  11. Khorshed MT, Shawkat Ali ABM, Wasimi SA (2012) A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing. Proc Future Gener Comput Syst. 28(6):833–851

    Article  Google Scholar 

  12. Disha RA, Waheed S (2022) Performance analysis of machine learning models for intrusion detection system using Gini Impurity-based weighted random forest (GIWRF) feature selection technique. Cybersecurity 5(1):1

    Article  Google Scholar 

  13. Wang S, Gomez K, Sithamparanathan K, Asghar MR, Russello G, Zanna P (2021) Mitigating DDoS Attacks in SDN-based IoT networks leveraging secure control and data plane algorithm. Appl Sci 11:929

    Article  Google Scholar 

  14. Vinayakumar R, Alazab M, Soman KP, Poornachandran P, Al-Nemrat A, Venkatraman S (2019) Deep learning approach for intelligent intrusion detection system. IEEE Access 7:41525–41550

    Article  Google Scholar 

  15. Kaspersky (2020) Ddos attacks in Q2 2020. Available at https://securelist.com/ddosattacks-in-q2-2020/98077/ (2020/01/04)

  16. Cook S, Corero network security, 20+ DDoS attack statistics and facts for 2018–2023, February 10, 2023, [online]. Available: https://www.comparitech.com/blog/information-security/ddos-statistics-facts.html. [Accessed 23 March 2023]

  17. Cil AE, Yildiz K, Buldu A (2021) Detection of DDoS attacks with feed forward based deep neural network model. Expert Syst Appl 169:114520

    Article  Google Scholar 

  18. Amanullah MA, Habeeb RAA, Nasaruddin FH, Gani A, Ahmed E, Nainar ASM, Imran M (2020) Deep learning and big data technologies for IoT security. Comput Commun 151:495–517.

    Article  Google Scholar 

  19. Hosseini S, Azizi M (2019) The hybrid technique for DDoS detection with supervised learning algorithms. Comput Netw 158:35–45

    Article  Google Scholar 

  20. Shaaban AR, Abdelwaness E, Hussein M (2019) TCP and HTTP flood DDOS attack analysis and detection for space ground network. In: 2019 IEEE international conference on vehicular electronics and safety (ICVES), Cairo, Egypt, pp 1–6

  21. Ahmad Z, Shahid Khan A, Wai Shiang C, Abdullah J, Ahmad F (2021) Network intrusion detection system: a systematic study of machine learning and deep learning approaches. Trans Emerg Telecommun Technol 32(1):e4150

    Article  Google Scholar 

  22. Lin WH, Lin HC, Wang P, Wu BH, Tsai JY (2018) Using convolutional neural networks to network intrusion detection for cyber threats. In: 2018 IEEE international conference on applied system invention, pp 1107–1110. https://doi.org/10.1109/ICASI.2018.8394474

  23. Zahid Hasan Md, Zubair Hasan KM, Sattar A (2018) Burst header packet flood detection in optical burst switching network using deep learning model. Proced Comput Sci 143:970–977

    Article  Google Scholar 

  24. Priyadarshini R, Barik RK (2022) A deep learning based intelligent framework to mitigate DDoS attack in fog environment. J King Saud Univer-Comput Inf Sci 34(3):825–831

    Google Scholar 

  25. Krishnan P, Duttagupta S, Achuthan K (2019) VARMAN: multi-plane security framework for software defined networks. Comput Commun 148:215–239

    Article  Google Scholar 

  26. Ujjan RMA, Pervez Z, Dahal K, Bashir AK, MumtazGonz´ alez RJ (2020) Towards sflow and adaptive polling sampling for deep learning based DDoS detection in SDN. Future Gener Comput Syst 111:763–779

    Article  Google Scholar 

  27. Assis MV, Carvalho LF, Lloret J, Proença ML Jr (2021) A GRU deep learning system against attacks in software defined networks. J Netw Comput Appl 177:102942

    Article  Google Scholar 

  28. Basati A, Faghih MM (2021) APAE: an IoT intrusion detection system using asymmetric parallel auto-encoder. Neural Comput Appl 1–21

  29. Diaba SY, Elmusrati M (2023) Proposed algorithm for smart grid DDoS detection based on deep learning. Neural Netw 159:175–184

    Article  Google Scholar 

  30. VarmaRR RKPSM, Vanitha (2023) Enhanced Elman spike neural network based intrusion attack detection in software defined Internet of Things network. Concurr Comput: Pract Exp 35(2):e7503

    Article  Google Scholar 

  31. Charanarur P, Thanh Hung B, Chakrabarti P, Siva Shankar S (2024) Design optimization-based software-defined networking scheme for detecting and preventing attacks. Multimed Tools Appl, 1–19

  32. Balamurugan V, Karthikeyan R, Sundaravadivazhagan B, Cyriac R (2023) Enhanced elman spike neural network based fractional order discrete tchebyshev encryption fostered big data analytical method for enhancing cloud data security. Wireless Netw 29(2):523–537

    Article  Google Scholar 

  33. Kumar A, Sharma I (2023) CNN-based approach for IoT intrusion attack detection. In: 2023 International conference on sustainable computing and data communication systems (ICSCDS), pp 492–496. IEEE

  34. Saikam J, Ch K (2024) EESNN: hybrid deep learning empowered spatial-temporal features for network intrusion detection system. IEEE Access

  35. Sharma T, Patni K, Li Z, Trajković L (2023) Deep echo state networks for detecting internet worm and ransomware attacks. In: 2023 IEEE international symposium on circuits and systems (ISCAS), pp 1–5. IEEE

  36. Salemi H, Rostami H, Talatian-Azad S, Khosravi MR (2021) LEAESN: predicting DDoS attack in healthcare systems based on lyapunov exponent analysis and echo state neural networks. Multimed Tools Appli 1–22

  37. Mittal M, Kumar K, Behal S (2022) Deep learning approaches for detecting DDoS attacks: a systematic review. Soft Comput 1–37

  38. Doriguzzi-Corin R, Millar S, Scott-Hayward S, Martinez-Del-Rincon J, Siracusa D (2020) Lucid: a practical, lightweight deep learning solution for DDoS attack detection. IEEE Trans Netw Serv Manag 17:876–889

    Article  Google Scholar 

  39. Liang XW, Jiang AP, Li T, Xue YY, Wang GT (2020) LR-SMOTE—an improved unbalanced data set oversampling based on K-means and SVM. Knowl-Based Syst 196:105845

    Article  Google Scholar 

  40. Chawla NV, Bowyer KW, Hall LO, Kegelmeyer WP (2002) SMOTE: synthetic minority over-sampling technique. J Artif Intell Res 16:321–357

    Article  Google Scholar 

  41. Liu H, Lang B (2019) Machine learning and deep learning methods for intrusion detection system: a survey. Appl Sci 9:4396

    Article  Google Scholar 

  42. Radoglou-Grammatikis PI, Sarigiannidis PG (2018) An anomaly-based intrusion detection system for the smart grid based on CART decision tree. In: 2018 Global information infrastructure and networking symposium, pp 1–5

  43. Ring M, Wunderlich S, Scheuring D, Landes D, Hotho A (2019) A survey of network-based intrusion detection data sets. Comput Secur 86:147–167

    Article  Google Scholar 

  44. Sharafaldin I, Habibi AL, Ghorbani AA. (2018). Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: 4th International conference on information systems security and privacy (ICISSP), Portugal, January 2018.

  45. Saikam J, Ch K (2023) An ensemble approach-based intrusion detection system utilizing ISHO-HBA and SE-ResNet152. Int J Inf Secur, 1–18

  46. Khoei TT, Aissou G, Hu WC, Kaabouch N (2021) Ensemble learning methods for anomaly intrusion detection system in smart grid. In: 2021 IEEE international conference on electro information technology, pp 129–135. IEEE

  47. Shum J, Malki HA (2008) Network intrusion detection system using neural networks. In: 2008 Fourth international conference on natural computation, pp 242–246. https://doi.org/10.1109/ICNC.2008.900

  48. Peng W, Kong X, Peng G, Li X, Wang Z (2019) Network intrusion detection based on deep learning. In: 2019 International conference on communications, information system and computer engineering, pp 431–435. https://doi.org/10.1109/CISCE.2019.00102.

  49. Almomani I, Alkhayer A, El-Shafai W (2022) An automated vision-based deep learning model for efficient detection of android malware attacks. IEEE Access 10:2700–2720. https://doi.org/10.1109/ACCESS.2022.3140341

    Article  Google Scholar 

Download references

Acknowledgements

The authors extend the appreciation to the Deanship of Postgraduate Studies and Scientific Research at Majmaah University for funding this research work through the project number R-2024-984.

Author information

Authors and Affiliations

  1. Research Groups in Intelligent Machines, National School of Engineers (ENIS), University of Sfax, BP 1173, 3038, Sfax, Tunisia

    Emna Benmohamed

  2. Department of Cyber Security, College of Engineering and Information Technology, Onaizah Colleges, P. O. Box 5371, Onaizah, Kingdom of Saudi Arabia

    Emna Benmohamed

  3. Applied College, Imam Mohammad Ibn Saud Islamic University (IMSIU), Riyadh, Kingdom of Saudi Arabia

    Adel Thaljaoui & Mansor Alohali

  4. Preparatory Institute for Engineering Studies of Gafsa, Gafsa, Tunisia

    Adel Thaljaoui

  5. Department of Computer Sciences, Faculty of Sciences of Gafsa, University of Gafsa, Gafsa, Tunisia

    Salim Elkhediri

  6. Department of Information Technology, College of Computer, Qassim University, Buraydah, Kingdom of Saudi Arabia

    Salim Elkhediri & Suliman Aladhadh

Authors
  1. Emna Benmohamed
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Adel Thaljaoui
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Salim Elkhediri
    View author publications

    You can also search for this author inPubMed Google Scholar

  4. Suliman Aladhadh
    View author publications

    You can also search for this author inPubMed Google Scholar

  5. Mansor Alohali
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Adel Thaljaoui.

Ethics declarations

Conflict of interest

The authors declare that there is no conflict of interest in presenting this manuscript.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Benmohamed, E., Thaljaoui, A., Elkhediri, S. et al. E-SDNN: encoder-stacked deep neural networks for DDOS attack detection. Neural Comput & Applic 36, 10431–10443 (2024). https://doi.org/10.1007/s00521-024-09622-0

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00521-024-09622-0

Keywords