MF-CNN: a New Approach for LDoS Attack Detection Based on Multi-feature Fusion and CNN
Dan Tang, Liu Tang, Wei Shi, Sijia Zhan, Qiuwei Yang
Mobile Networks and Applications
Login to get access
Low-rate denial-of-service (LDoS) attack reduce the performance of network services by periodically sending short-term and high-pulse packets. The behavior of LDoS attack is indistinguishable from normal traffic due to its low average rate. Many networks do not have an effective mechanism to deal with the threat from LDoS attack, including the emerging Internet of Things. When LDoS attack occurs, multiple features of network will change. It is difficult to describe the state of the whole network by one feature. So it needs many features to precisely represent the state of the network. In this paper, we propose a LDoS attack detection method based on multi-feature fusion and convolution neural network(CNN). In this method, we compute a variety of network features and fuse them into a feature map, which will be used to characterize the state of the network. CNN model is an excellent classification algorithm for image recognition in the field of deep learning. It can distinguish the difference between feature maps and detect the feature maps which contain LDoS attack. We validate and evaluate our method by conducting experiments on NS2 simulation platform and test-bed platform. The experimental results show that our method can detect LDoS attack effectively.