Computer Engineering and Applications ›› 2021, Vol. 57 ›› Issue (13): 108-115.DOI: 10.3778/j.issn.1002-8331.2004-0121

Previous Articles     Next Articles

DDoS Attack Detection Method Based on Probability Graph Model and DNN

WANG Wentao, LI Shumei, TANG Jie, LYU Weilong   

  1. 1.College of Computer Science, South-Central University for Nationalities, Wuhan 430074, China
    2.Hubei Provincial Engineering Research Center for Intelligent Management of Manufacturing Enterprises, Wuhan 430074, China
    3.School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094, China
  • Online:2021-07-01 Published:2021-06-29



  1. 1.中南民族大学 计算机科学学院,武汉 430074
    2.湖北省制造企业智能管理工程技术研究中心,武汉 430074
    3.南京理工大学 计算机科学与工程学院,南京 210094


From traditional network to Internet of Things, Distributed Denial of Service(DDoS) has always been a hidden danger of network security. In order to improve the detection rate of DDoS attacks, a detection scheme based on probability graph model and Deep Neural Network(DNN) is proposed. The detection scheme is composed of data preprocessing stage and DDoS attack detection stage. In the data preprocessing stage, firstly, the difference between normal packets and DDoS attack packets is studied, and high-dimensional statistical features are extracted from TCP, UDP and IP packet header information respectively. According to the feature importance factor calculated by random forest, the first 22 features are reserved for traffic detection. Secondly, 22 statistical features are clustered by Hidden Markov algorithm of probability graph Model. Then the clustering results are further detected by the depth neural network in the detection stage. Finally, the experimental results on the cicdos data set show that the accuracy of the detection method is up to 99.35%, and the lowest false alarm rate and false alarm rate are up to 0.51% and 0.12%, respectively.

Key words: Distributed Denial of Service(DDoS), Hidden Markov Model(HMM), Deep Neural Network(DNN), machine learning



关键词: 分布式拒绝服务攻击(DDoS), 隐马尔科夫(HMM), 深度神经网络(DNN), 机器学习