To address the slow response time of existing detection modules to Internet of things(IoT)distributed de-nial of service(DDoS)attacks,their low feature differentiation,and poor detection performance,a single flow detec-tion enabled method based on traffic feature reconstruction and mapping(SFDTFRM)was proposed.Firstly,SFDTFRM employed a queue to store previously arrived flow based on the first in,first out rule.Secondly,to address the issue of similarity between normal communication traffic of IoT devices and DDoS attack traffic,a multidimen-sional reconstruction neural network model more lightweight compared to the baseline model and a function mapping method were proposed.The modified model loss function was utilized to reconstruct the quantitative feature matrix of the queue according to the corresponding index,and transformed into a mapping feature matrix through the func-tion mapping method,enhancing the differences between different types of traffic,including normal communication traffic of IoT devices and DDoS attack traffic.Finally,the frequency information was extracted using a text convolu-tional network and information entropy calculation and the machine learning classifier was employed for DDoS at-tack traffic detection.The experimental results on two benchmark datasets show that SFDTFRM can effectively de-tect different DDoS attacks,and the average metrics value of SFDTFRM is a maximum of 12.01%higher than other existing methods.
维普
万方数据
