DDoS Attack Detection Based On Bayesian Optimization Algorithm And Ensemble Learning

The Internet is currently suffering from distributed denial-of-service attacks,in which actors maliciously disable network resources to their intended users by temporarily or indefinitely disrupting service to Internet-connected hosts.Distributed Denial of Service(DDoS)attacks are constantly evolving with changes in computer and network technology and attacker motivations.In recent years,many DDoS detection algorithms and some other detection methods have been proposed.Here,this article will summarize some of these methods,mainly from the following aspects,namely detection based on statistical learning,detection based on machine learning,detection based on deep learning,and detection methods based on ensemble learning.Then it summarizes the problems existing in the current DDoS attack detection model,and gives the solution in this paper.The main problems of the current detection model include old and unbalanced data sets;high model complexity and high consumption;high cost of manual parameter adjustment;and insufficient differentiation of different types of attack traffic,which can only distinguish between normal and abnormal traffic.First of all,this article mixes different attack traffic data into a total dataset and conducts multi classification of traffic on this dataset.This way,when training the model,the mutual influence between different traffic will be considered to distinguish various types of traffic and solve the problem of insufficient differentiation.Secondly,in this article,the datasets used are the CICIDS 2017 and CICDDoS2019 datasets,and a random sampling model based on upper and lower boundary combination(ULB)is proposed to solve the problem of dataset imbalance.After sampling with this model,a new dataset was obtained,and other experiments were conducted on the basis of this new dataset.The experiments showed that the data sampled by this model had significant improvements in recall and accuracy.Then,this article proposes a dimensionality reduction model based on importance feature principal component analysis(IPCA)to solve the problem of high model consumption.This model introduces the concept of feature importance on the basis of traditional principal component analysis(PCA)dimensionality reduction models.Experiments have shown that the dimensionality of this model after dimensionality reduction is lower than that of traditional PCA,and the time cost is smaller.Finally,this article proposes a method of combining Bayesian optimization algorithms in automatic machine learning with ensemble learning algorithms for DDoS attack detection.On this basis,a DDoS attack detection model based on Bayesian optimized random forest algorithm(RF＿BO)and a DDoS attack detection model based on Bayesian optimized Light GBM algorithm(LGBM＿BO)are constructed to solve the problem of high manual parameter adjustment cost.Experiments show that these two models have better effects than the traditional random forest algorithm and Light GBM algorithm.