Deep Ensemble Learning With Pruning for DDoS Attack Detection in IoT Networks
The upsurge of Internet of Things (IoT) devices has increased their vulnerability to Distributed Denial of Service (DDoS) attacks. DDoS attacks have evolved into complex multi-vector threats that high-volume and low-volume attack strategies, posing challenges for detection using traditional methods....
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2024-01-01
|
| Series: | IEEE Transactions on Machine Learning in Communications and Networking |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10513369/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850051376513548288 |
|---|---|
| author | Makhduma F. Saiyedand Irfan Al-Anbagi |
| author_facet | Makhduma F. Saiyedand Irfan Al-Anbagi |
| author_sort | Makhduma F. Saiyedand |
| collection | DOAJ |
| description | The upsurge of Internet of Things (IoT) devices has increased their vulnerability to Distributed Denial of Service (DDoS) attacks. DDoS attacks have evolved into complex multi-vector threats that high-volume and low-volume attack strategies, posing challenges for detection using traditional methods. These challenges highlight the importance of reliable detection and prevention measures. This paper introduces a novel Deep Ensemble learning with Pruning (DEEPShield) system, to efficiently detect both high- and low-volume DDoS attacks in resource-constrained environments. The DEEPShield system uses ensemble learning by integrating a Convolutional Neural Network (CNN) and a Long Short-Term Memory (LSTM) network with a network traffic analysis system. This system analyzes and preprocesses network traffic while being data-agnostic, resulting in high detection accuracy. In addition, the DEEPShield system applies unit pruning to refine ensemble models, optimizing them for deployment on edge devices while maintaining a balance between accuracy and computational efficiency. To address the lack of a detailed dataset for high- and low-volume DDoS attacks, this paper also introduces a dataset named HL-IoT, which includes both attack types. Furthermore, the testbed evaluation of the DEEPShield system under various load scenarios and network traffic loads showcases its effectiveness and robustness. Compared to the state-of-the-art deep ensembles and deep learning methods across various datasets, including HL-IoT, ToN-IoT, CICIDS-17, and ISCX-12, the DEEPShield system consistently achieves an accuracy over 90% for both DDoS attack types. Furthermore, the DEEPShield system achieves this performance with reduced memory and processing requirements, underscoring its adaptability for edge computing scenarios. |
| format | Article |
| id | doaj-art-33b07b79e16544f6be33d5ffdcfdbb6e |
| institution | DOAJ |
| issn | 2831-316X |
| language | English |
| publishDate | 2024-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Transactions on Machine Learning in Communications and Networking |
| spelling | doaj-art-33b07b79e16544f6be33d5ffdcfdbb6e2025-08-20T02:53:09ZengIEEEIEEE Transactions on Machine Learning in Communications and Networking2831-316X2024-01-01259661610.1109/TMLCN.2024.339541910513369Deep Ensemble Learning With Pruning for DDoS Attack Detection in IoT NetworksMakhduma F. Saiyedand0Irfan Al-Anbagi1https://orcid.org/0000-0001-9192-7976Faculty of Engineering and Applied Science, University of Regina, Regina, SK, CanadaFaculty of Engineering and Applied Science, University of Regina, Regina, SK, CanadaThe upsurge of Internet of Things (IoT) devices has increased their vulnerability to Distributed Denial of Service (DDoS) attacks. DDoS attacks have evolved into complex multi-vector threats that high-volume and low-volume attack strategies, posing challenges for detection using traditional methods. These challenges highlight the importance of reliable detection and prevention measures. This paper introduces a novel Deep Ensemble learning with Pruning (DEEPShield) system, to efficiently detect both high- and low-volume DDoS attacks in resource-constrained environments. The DEEPShield system uses ensemble learning by integrating a Convolutional Neural Network (CNN) and a Long Short-Term Memory (LSTM) network with a network traffic analysis system. This system analyzes and preprocesses network traffic while being data-agnostic, resulting in high detection accuracy. In addition, the DEEPShield system applies unit pruning to refine ensemble models, optimizing them for deployment on edge devices while maintaining a balance between accuracy and computational efficiency. To address the lack of a detailed dataset for high- and low-volume DDoS attacks, this paper also introduces a dataset named HL-IoT, which includes both attack types. Furthermore, the testbed evaluation of the DEEPShield system under various load scenarios and network traffic loads showcases its effectiveness and robustness. Compared to the state-of-the-art deep ensembles and deep learning methods across various datasets, including HL-IoT, ToN-IoT, CICIDS-17, and ISCX-12, the DEEPShield system consistently achieves an accuracy over 90% for both DDoS attack types. Furthermore, the DEEPShield system achieves this performance with reduced memory and processing requirements, underscoring its adaptability for edge computing scenarios.https://ieeexplore.ieee.org/document/10513369/CNNdeep learningDDoS attacksensemble learningIoT securityLSTM |
| spellingShingle | Makhduma F. Saiyedand Irfan Al-Anbagi Deep Ensemble Learning With Pruning for DDoS Attack Detection in IoT Networks IEEE Transactions on Machine Learning in Communications and Networking CNN deep learning DDoS attacks ensemble learning IoT security LSTM |
| title | Deep Ensemble Learning With Pruning for DDoS Attack Detection in IoT Networks |
| title_full | Deep Ensemble Learning With Pruning for DDoS Attack Detection in IoT Networks |
| title_fullStr | Deep Ensemble Learning With Pruning for DDoS Attack Detection in IoT Networks |
| title_full_unstemmed | Deep Ensemble Learning With Pruning for DDoS Attack Detection in IoT Networks |
| title_short | Deep Ensemble Learning With Pruning for DDoS Attack Detection in IoT Networks |
| title_sort | deep ensemble learning with pruning for ddos attack detection in iot networks |
| topic | CNN deep learning DDoS attacks ensemble learning IoT security LSTM |
| url | https://ieeexplore.ieee.org/document/10513369/ |
| work_keys_str_mv | AT makhdumafsaiyedand deepensemblelearningwithpruningforddosattackdetectioniniotnetworks AT irfanalanbagi deepensemblelearningwithpruningforddosattackdetectioniniotnetworks |