Cyber-attacks have been one of the deadliest attacks in today’s world. One of them is DDoS (Distributed Denial of Services). It is a cyber-attack in which the attacker attacks and makes a network or a machine unavailable to its intended users temporarily or indefinitely, interrupting services of the host that are connected to a network. To define it in simple terms, It’s an attack accomplished by flooding the target machine with unnecessary requests in an attempt to overload and make the systems crash and make the users unable to use that network or a machine. In this research paper, we present the detection of DDoS attacks using neural networks, that would flag malicious and legitimate data flow, preventing network performance degradation. We compared and assessed our suggested system against current models in the field. We are glad to note that our work was 99.7% accurate.
In the present era, Artificial Neural Networks (ANN) have gained a lot of popularity regarding their usage in real life. Artificial neural networks are used in Speech recognition. To ease the communication barrier, a simple solution could be, communication in a spoken language that is possible for the machine to understand with the help of ANN. This is mainly used in Virtual Assistants like Siri, Alexa and Google. Human Facial Recognition is one of the biometric approaches for identifying a certain face. Because of this, the classification of "non-face" pictures had become a common task. However, if a neural network is sufficiently trained, we can use it very efficiently. We have done the same for detecting DDoS attacks by using the CICDDoS2019 dataset. The base network of the model has input dimensions that equal the features of the dataset. This dense layer is processed by dropout of 0.25 with ReLU activation function, fed to a similar stack of 3 layers and compiled with categorical cross-entropy loss with "RMSProp" optimizer. The shape of every dense layer is 64 with the last flattened layer consisting of 2 outputs. The total trainable parameters of this sequential model are 9730.
Our model achieved better results using a smaller value of dropout with a ReLU activation function for every layer. It can be observed that the model achieved overall accuracy up to 99.7%, which was trained for 40 epochs. Furthermore, we changed the number of hidden layers, iteration, number of channels per hidden layer, and the activation function for each. The best performance is achieved when we used three hidden layers. When the number of hidden layers is increased, the model accuracy remains constant, but the training increases considerably. Therefore, we use three layers in our proposed framework. As a result, the three layers are more convincing to give reasonable results. The performance of the classification methods not only depends on the used technique, but also on the manner in which training and testing data is partitioned. We used samples from each attack type to obtain a balanced dataset with respect to different types of attacks. In our case, the total number of samples for training and validation sets are 271479 and 53880, respectively. To get a realistic detection rate, we used attack records in the testing set that are not represented in the training phase. The total number of records in the testing set is 28000 samples.