Research On Distributed Denial Of Service Attack Identification Based On Federated Learning

From the creation of Ethernet in the middle of the last century to the present day,Internet technology has been integrated into the daily life of people in contemporary society,and this has led to many unscrupulous elements using the Internet to make profits for themselves.This has led to many unscrupulous people using the Internet to make money for themselves.The security of the Internet is therefore a very important issue in our society.The key issue in network security is how to accurately identify and take appropriate defensive measures against network attacks launched by criminals through the Internet.Among the various network attacks,distributed denial-of-service attacks are used by many attackers because they are easy to launch and difficult to defend against.Since the rise of machine learning in the latter half of the 20 th century,many researchers have used machine learning to train models to identify and detect cyber attacks,which has greatly improved the accuracy of detection and reduced human resources consumption.At the same time,however,the data received by different websites may contain information that is unique to the ISP or the user of the service,and this data cannot be freely disclosed without causing a serious business reputation crisis.Therefore,how to avoid the leakage of data information in the network traffic dataset during the machine learning training process has become an urgent shortcoming in the field of machine learning and distributed denial of service attack detection.This paper addresses the above issues by attempting to introduce federation learning theory in the field of distributed denial-of-service attack detection,and constructs a federation learning-based distributed denial-of-service attack detection model fed-mlp-mixer around federation learning,so as to solve the problem of data privacy leakage that may occur when training in multiple data sources,and to make the model have sufficient attack recognition capability to take appropriate defensive measures in the event of a distributed denial-of-service attack on the basis of ensuring privacy security.This paper addresses distributed denial-of-service attacks in conjunction with federation learning theory,with the main focus on:(1)To address the problem of uneven models in the field of distributed denial of service attack detection and the need for some models to have a certain knowledge base during training,this paper proposes a distributed denial of service attack identification model based on mlp-mixer through research and analysis of current machine learning techniques and deep learning algorithms.The model firstly maps the network traffic data from the original one-dimensional features to two-dimensional features through feature mapping.Secondly,the model is built based on the mlp-mixer architecture,using the hidden layer mixer to accomplish a function similar to that of an attention mechanism to extract features at the channels level and tokens level,thus improving the final detection capability of the model while reducing the need for researchers' knowledge base.(2)Based on the current research and analysis of federation learning theory and deep learning technology,this paper attempts to combine the mlp-mixer model constructed in the preamble with the federation learning algorithm and proposes a distributed denial-of-service attack detection model based on federation learning with fed-mlp-mixer.detection model.The model is based on the fede The federated averaging algorithm can reduce the number of parameters in the federated interaction process,thus avoiding the risk of data privacy leakage.The federated averaging algorithm minimises the performance loss caused by the fusion of parameters during the federated interaction process,thus ensuring that the final model has sufficient detection capability.(3)The model described in this paper is based on the CICDDoS2019 distributed denial-of-service attack dataset and is combined with current research results to complete the experimental results comparison.The experimental results show that the mlp-mixer-based distributed denial-of-service attack recognition model proposed in this paper has a certain improvement in recognition accuracy compared with the current research results;at the same time,it has sufficient detection capability to complete the task of distinguishing normal traffic from distributed denial-of-service attack traffic,and the task of distinguishing normal traffic from three kinds of flooding attack traffic.Therefore,the research content of this paper has certain reference significance and academic value for the in-depth research of deep learning and the combination of deep learning and federation learning in the field of distributed denial-of-service attack detection.