A Novel DDoS Detection and Multi-Class Classification Method: A Graph Convolutional Network Approach

Files

Brock_Saunders_Braden_2024.pdf (308.65 KB)

Date

Authors

Saunders, Braden

Journal Title

Journal ISSN

Volume Title

Publisher

Abstract

Distributed Denial of Service (DDoS) is an attack that overwhelms the cyber critical infrastructure system with malicious packets causing it to become unresponsive, which precludes legitimate users from accessing the target system. This work leverages a deep learning method known as Graph Convolutional Network (GCN) to empower DDoS detection systems. The proposed GCN model consists of three hidden layers, each with 128 neurons. Considering the Canadian Institute for Cybersecurity CIC-IDS 2017 dataset, the proposed model achieves an overall accuracy of 99.95%, along with a value of 99.95% for each of the precision, recall, and F1-score metrics for the binary DDoS classification problem. For the multi-class DDoS classification problem, the model scores an overall accuracy of 98.94% and precision, recall, and F1-score values of over 93% for all classes. These results support the use of the proposed GCN DDoS detection method in practice.

Description

Keywords

Graph convolutional network, DDoS attacks, Intelligent network attack solutions, Network anomaly detection, Packet classification

Citation

URI

http://hdl.handle.net/10464/18271

Collections

Computer Science MRP