TY - JOUR
T1 - A novel DDoS attack detection method using optimized generalized multiple kernel learning
AU - Cheng, Jieren
AU - Li, Junqi
AU - Tang, Xiangyan
AU - Sheng, Victor S.
AU - Zhang, Chen
AU - Li, Mengyang
N1 - Funding Information:
Acknowledgement: This work was supported by the Hainan Provincial Natural Science Foundation of China [2018CXTD333, 617048]; National Natural Science Foundation of China [61762033, 61702539]; Hainan University Doctor Start Fund Project [kyqd1328]; Hainan University Youth Fund Project [qnjj1444].
Publisher Copyright:
© 2020 Tech Science Press. All rights reserved.
PY - 2020
Y1 - 2020
N2 - Distributed Denial of Service (DDoS) attack has become one of the most destructive network attacks which can pose a mortal threat to Internet security. Existing detection methods cannot effectively detect early attacks. In this paper, we propose a detection method of DDoS attacks based on generalized multiple kernel learning (GMKL) combining with the constructed parameter R. The super-fusion feature value (SFV) and comprehensive degree of feature (CDF) are defined to describe the characteristic of attack flow and normal flow. A method for calculating R based on SFV and CDF is proposed to select the combination of kernel function and regularization paradigm. A DDoS attack detection classifier is generated by using the trained GMKL model with R parameter. The experimental results show that kernel function and regularization parameter selection method based on R parameter reduce the randomness of parameter selection and the error of model detection, and the proposed method can effectively detect DDoS attacks in complex environments with higher detection rate and lower error rate.
AB - Distributed Denial of Service (DDoS) attack has become one of the most destructive network attacks which can pose a mortal threat to Internet security. Existing detection methods cannot effectively detect early attacks. In this paper, we propose a detection method of DDoS attacks based on generalized multiple kernel learning (GMKL) combining with the constructed parameter R. The super-fusion feature value (SFV) and comprehensive degree of feature (CDF) are defined to describe the characteristic of attack flow and normal flow. A method for calculating R based on SFV and CDF is proposed to select the combination of kernel function and regularization paradigm. A DDoS attack detection classifier is generated by using the trained GMKL model with R parameter. The experimental results show that kernel function and regularization parameter selection method based on R parameter reduce the randomness of parameter selection and the error of model detection, and the proposed method can effectively detect DDoS attacks in complex environments with higher detection rate and lower error rate.
KW - DDoS attack detection
KW - GMKL
KW - Parameter optimization
UR - http://www.scopus.com/inward/record.url?scp=85082293223&partnerID=8YFLogxK
U2 - 10.32604/cmc.2020.06176
DO - 10.32604/cmc.2020.06176
M3 - Article
AN - SCOPUS:85082293223
SN - 1546-2218
VL - 62
SP - 1423
EP - 1443
JO - Computers, Materials and Continua
JF - Computers, Materials and Continua
IS - 3
ER -