Detection of Domain Name Server Amplification Distributed Reflection Denial of Service Attacks Using Convolutional Neural Network-Based Image Deep Learning

Domain Name Server (DNS) amplification Distributed Reflection Denial of Service (DRDoS) attacks are a Distributed Denial of Service (DDoS) attack technique in which multiple IT systems forge the original IP of the target system, send a request to the DNS server, and then send a large number of respo...

Full description

Saved in:
Bibliographic Details
Published inElectronics (Basel) Vol. 14; no. 1; p. 76
Main Authors Shin, Hoon, Jeong, Jaeyeong, Cho, Kyumin, Lee, Jaeil, Kwon, Ohjin, Shin, Dongkyoo
Format Journal Article
LanguageEnglish
Published Basel MDPI AG 01.01.2025
Subjects
Accuracy
Artificial neural networks
Communications traffic
Decision trees
Deep learning
Denial of service attacks
Domain names
Experimentation
Machine learning
Malware
Metadata
Neural networks
Servers
Support vector machines
Online AccessGet full text
ISSN2079-9292
2079-9292
DOI10.3390/electronics14010076

Cover

More Information
Summary:Domain Name Server (DNS) amplification Distributed Reflection Denial of Service (DRDoS) attacks are a Distributed Denial of Service (DDoS) attack technique in which multiple IT systems forge the original IP of the target system, send a request to the DNS server, and then send a large number of response packets to the target system. In this attack, it is difficult to identify the attacker because of its ability to deceive the source, and unlike TCP-based DDoS attacks, it usually uses the UDP protocol, which has a fast communication speed and amplifies network traffic by simple manipulating options, making it one of the most widely used DDoS techniques. In this study, we propose a simple convolutional neural network (CNN) model that is designed to detect DNS amplification DRDoS attack traffic and has hyperparameters adjusted through experiments. As a result of evaluating the accuracy of the proposed CNN model for detecting DNS amplification DRDoS attacks, the average accuracy of the experiment was 0.9995, which was significantly better than several machine learning (ML) models in terms of performance. It also showed good performance compared to other deep learning (DL) models, and, in particular, it was confirmed that this simple CNN had the fastest time in terms of execution compared to other deep learning models by experimentation.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:2079-9292
2079-9292
DOI:10.3390/electronics14010076