Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. Emerging technologies such as the Internet of Things and Software Defined Networking leverage lightweight strategies for the early detection of DDoS attacks. Previous literature demonstrates the utility of lower number of significant features for intrusion detection. Thus, it is essential to have a fast and effective security identification model based on low number of features. In this work, a novel Attention-based Isolation Forest Intrusion Detection System is proposed. The model considerably reduces training time and memory consumption of the generated model. For performance assessment, the model is assessed over two benchmark datasets, the NSL-KDD dataset & the KDDCUP'99 dataset. Experimental results demonstrate that the proposed attention augmented model achieves a significant reduction in execution time, by 91.78%, and an average detection F1-Score of 0.93 on the NSL-KDD and KDDCUP'99 dataset. The results of performance evaluation show that the proposed methodology has low complexity and requires less processing time and computational resources, outperforming other current IDS based on machine learning algorithms.
翻译:互联网和软件定义网络的互联网等新兴技术为早期发现DDoS攻击,提供了轻量的权重战略。以前的文献表明,在入侵探测中,使用较少的重要特征是有用的。因此,必须有一个基于低特性的快速有效的安全识别模型。在这项工作中,提出了一个新的基于注意的孤立森林侵入探测系统。模型大大缩短了所生成模型的培训时间和记忆消耗量。关于绩效评估,在两个基准数据集(NSL-KDDD数据集和KDDCUP'99数据集)上评估模型。实验结果显示,拟议增加的注意使执行时间大大减少了91.78%,在NSL-KDD和KDDCUP'99的其他数据集中平均检测F1-STR为0.93。业绩评估结果表明,基于当前机算的计算方法要求低复杂度,而基于当前机算的计算方法要求以较低时间为基础。