Skip to main content
SpringerLink
Log in

MF-CNN: a New Approach for LDoS Attack Detection Based on Multi-feature Fusion and CNN

  • Published:
Mobile Networks and Applications Aims and scope Submit manuscript

Abstract

Low-rate denial-of-service (LDoS) attack reduce the performance of network services by periodically sending short-term and high-pulse packets. The behavior of LDoS attack is indistinguishable from normal traffic due to its low average rate. Many networks do not have an effective mechanism to deal with the threat from LDoS attack, including the emerging Internet of Things. When LDoS attack occurs, multiple features of network will change. It is difficult to describe the state of the whole network by one feature. So it needs many features to precisely represent the state of the network. In this paper, we propose a LDoS attack detection method based on multi-feature fusion and convolution neural network(CNN). In this method, we compute a variety of network features and fuse them into a feature map, which will be used to characterize the state of the network. CNN model is an excellent classification algorithm for image recognition in the field of deep learning. It can distinguish the difference between feature maps and detect the feature maps which contain LDoS attack. We validate and evaluate our method by conducting experiments on NS2 simulation platform and test-bed platform. The experimental results show that our method can detect LDoS attack effectively.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20
Fig. 21
Fig. 22
Fig. 23
Fig. 24
Fig. 25
Fig. 26

Similar content being viewed by others

References

  1. Wen K, Hai YJ, Zhang B, University T (2014) Survey on Research and Progress of Low-Rate Denial of Service Attacks. J Softw 533(7):37

    Google Scholar 

  2. Yanxiang HE, Liu T, Cao Q, Xiong Q (2008) A survey of Low-rate Denial-of-Service attacks. J Frontiers Comput Sci Technol

  3. Somani G, Gaur MS, Sanghi D, Conti M (2016) DDoS attacks in cloud computing. Comput Netw Int J Comput Telecomm Netw 109(P2):157

    Google Scholar 

  4. Hameed S, Ahmed Khan H (2018) SDN Based Collaborative Scheme for Mitigation of DDoS Attacks. Future Internet 10(3):23

    Article  Google Scholar 

  5. Guan L, Guangjun HU, Wang Z (2016) Research on Network Security Situational Awareness Technology Based on Big Data. Netinfo Security

  6. Jayanthi S, Kumar A (2015) RTO randomization for Low rate DOS attack on a Feedback controlled system. Int J Adv Res Comput Sci 6(2)

  7. Litjens G, Kooi T, Bejnordi BE, Setio AAA, Ciompi F, Ghafoorian M, Van Der Laak JA, Van Ginneken B, Sánchez CI (2017) A survey on deep learning in medical image analysis. Medical Image Analysis 42:60

    Article  Google Scholar 

  8. LeCun Y, Bengio Y, Hinton G (2015) Deep learning. Nature 521(7553):436

    Article  Google Scholar 

  9. Zhang C, Cai Z, Chen W, Luo X, Yin J (2012) Flow level detection and filtering of low-rate DdoS. Comput Netw Int J Comput Telecomm Netw 56(15):3417

    Google Scholar 

  10. Wu Z, Zhang HT, Wang MH, Pei BS (2012) MSABMS-based approach of detecting LDoS attack. Comput Secur 31(4):402

    Article  Google Scholar 

  11. Wu Z, Zhang L, Yue M (2016) Low-Rate DoS Attacks Detection Based on Network Multifractal. IEEE Trans Dependable Secure Comput 13(5):559

    Article  Google Scholar 

  12. Şimşek M (2015) A new metric for flow-level filtering of low-rate DDoS attacks. Secur Commun Netw 8 (18):3815

    Article  Google Scholar 

  13. Agrawal N, Tapaswi S (2018) Low rate cloud DDoS attack defense method based on power spectral density analysis. Inform Process Lett 138:44–55

    Article  MathSciNet  Google Scholar 

  14. Wu X, Tang D, Tang L, Man J, Zhan S, Liu Q (2018) A Low-Rate DoS Attack Detection Method Based on Hilbert Spectrum and Correlation. In: IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI). IEEE, 2018, pp 1358–1363

  15. Guo Y, Duan H, Chen J, Miao F (2016) MAF-SAM: An Effective Method to Perceive Data Plane Threats of Inter Domain Routing System. Comput Netw 110:69

    Article  Google Scholar 

  16. Yue M, Liu L, Wu Z, Wang M (2017) Identifying LDoS attack traffic based on wavelet energy spectrum and combined neural network. Int J Comm Sys 31(2)

  17. Wu Z, Jiang J, Yue M (2017) A Particle Filter-Based Approach for Effectively Detecting Low-Rate Denial of Service Attacks. In: International conference on cyber-enabled distributed computing and knowledge discovery, pp 86–90

  18. Zhang X, Wu Z, Chen J, Yue M (2015) An adaptive KPCA approach for detecting LDoS attack. Int J Commun Sys 30:e2993

    Article  Google Scholar 

  19. Na W, Zhaoyang M, Liangchun Z (2015) Distributed denial of service convert flow detection based on data stream potential energy feature. Comput Eng 41(3):142

    Google Scholar 

  20. Tang D, Dai R, Tang L, Zhan S, Man J (2018) Low-Rate DoS Attack Detection Based on Two-Step Cluster Analysis. In: International conference on information and communications security. Springer, pp 92–104

  21. Cotae P, Kang M, Velazquez A (2016) Spectral analysis of low rate of denial of service attacks detection based on fisher and Siegel tests. In: IEEE international conference on communications (ICC). IEEE, 2016, pp 1–6

  22. Du X, Yang Y, Kang X (2008) Research of Applying Information Entropy and Clustering Technique on Network Traffic Analysis. In: International conference on computational intelligence and security, pp 472–476

  23. Belsare SC (2016) Survey on Defeating Dos Attacks in Low Rate Networks Using Network Multifractal. Int J Res Comput Inform Technol 1:19–21

    Google Scholar 

  24. Chen W, An J, Li R, Li W (2017) Review on deep-learning-based cognitive computing. Acta Automat Sinica 43(11):1886

    MATH  Google Scholar 

  25. Tang D, Chen K, Chen X, Liu H, Li X (2014) Adaptive EWMA Method based on abnormal network traffic for LDoS attacks. Mathematical Problems in Engineering 2014

  26. Luo X, Chan EWW, Chang RKC (2006) Vanguard: A New Detection Scheme for a Class of TCP-targeted Denial-of-Service Attacks. In: Network operations and management symposium, 2006. NOMS 2006. Ieee/ifip, pp 507–518

  27. Rahman MU, Rahman ZU, Fayaz M, Abbas S, Shahsani RK (2017) Performance analysis of TCP/AQM under Low-Rate Denial-of-Service Attacks. In: International conference on inventive computation technologies, pp 1–5

  28. Chen Z, Pham TND, Chai KY, Bu SL, Lau CT (2017) FRRED: Fourier robust RED algorithm to detect and mitigate LDoS attacks. In: Zooming innovation in consumer electronics international conference, pp 13–17

  29. Chen Y, Hwang K, Kwok YK (2005) Collaborative defense against periodic shrew DDoS attacks in frequency domain. In: ACM transactions on information and system security (TISSEC), p 30

  30. Wu Z, Yue M (2008) Detection of LDDoS attack based on Kalman filtering. Acta Electronica Sinica 36 (8):1590e4

    Google Scholar 

Download references

Acknowledgments

This work was supported by National Natural Science Foundation of China (61772189, 61702173), and Hunan Provincial Natural Science Foundation of China (2019JJ40037).

Author information

Authors and Affiliations

  1. College of Computer Science and Electronic Engineering, Hunan University, Changsha, 410082, China

    Dan Tang, Liu Tang, Wei Shi, Sijia Zhan & Qiuwei Yang

Authors
  1. Dan Tang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Liu Tang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wei Shi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sijia Zhan
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Qiuwei Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Liu Tang.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Tang, D., Tang, L., Shi, W. et al. MF-CNN: a New Approach for LDoS Attack Detection Based on Multi-feature Fusion and CNN. Mobile Netw Appl 26, 1705–1722 (2021). https://doi.org/10.1007/s11036-019-01506-1

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11036-019-01506-1

Keywords

Search

Navigation