A single flow detection enabled method for DDoS attacks in IoT based on traffic feature reconstruction and mapping
To address the slow response time of existing detection modules to Internet of things(IoT)distributed de-nial of service(DDoS)attacks,their low feature differentiation,and poor detection performance,a single flow detec-tion enabled method based on traffic feature reconstruction and mapping(SFDTFRM)was proposed.Firstly,SFDTFRM employed a queue to store previously arrived flow based on the first in,first out rule.Secondly,to address the issue of similarity between normal communication traffic of IoT devices and DDoS attack traffic,a multidimen-sional reconstruction neural network model more lightweight compared to the baseline model and a function mapping method were proposed.The modified model loss function was utilized to reconstruct the quantitative feature matrix of the queue according to the corresponding index,and transformed into a mapping feature matrix through the func-tion mapping method,enhancing the differences between different types of traffic,including normal communication traffic of IoT devices and DDoS attack traffic.Finally,the frequency information was extracted using a text convolu-tional network and information entropy calculation and the machine learning classifier was employed for DDoS at-tack traffic detection.The experimental results on two benchmark datasets show that SFDTFRM can effectively de-tect different DDoS attacks,and the average metrics value of SFDTFRM is a maximum of 12.01%higher than other existing methods.
万方数据
维普
