Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Redefining DDoS Attack Detection Using A Dual-Space Prototypical Network-Based Approach

Fernando Martinez, Mariyam Mapkar, Ali Alfatemi, Mohamed Rahouti, Yufeng Xin, Kaiqi Xiong, Nasir Ghani

TL;DR

This work tackles the increasing sophistication of DDoS attacks and data scarcity by introducing a dual-space prototypical network that combines geometric and angular similarity. Built on MLP and attention architectures, the approach employs a novel dual-space loss $\mathcal{L}_{\text{D-space}}$ that fuses normalized Euclidean and cosine distances to form $D_{E+C}$, enabling effective few-shot learning via episodic training. The framework demonstrates strong robustness across offline, online, and prototypical learning settings, achieving an average accuracy of $94.85\%$ and an F1-score of $94.71\%$ (with precision $99.55\%$) on reduced-data scenarios, and strong performance with full data using attention-enhanced MLPs. The practical impact lies in enabling rapid, adaptive DDoS detection with limited labeled data, reducing incident response time and enhancing resilience of digital infrastructure.

Abstract

Distributed Denial of Service (DDoS) attacks pose an increasingly substantial cybersecurity threat to organizations across the globe. In this paper, we introduce a new deep learning-based technique for detecting DDoS attacks, a paramount cybersecurity challenge with evolving complexity and scale. Specifically, we propose a new dual-space prototypical network that leverages a unique dual-space loss function to enhance detection accuracy for various attack patterns through geometric and angular similarity measures. This approach capitalizes on the strengths of representation learning within the latent space (a lower-dimensional representation of data that captures complex patterns for machine learning analysis), improving the model's adaptability and sensitivity towards varying DDoS attack vectors. Our comprehensive evaluation spans multiple training environments, including offline training, simulated online training, and prototypical network scenarios, to validate the model's robustness under diverse data abundance and scarcity conditions. The Multilayer Perceptron (MLP) with Attention, trained with our dual-space prototypical design over a reduced training set, achieves an average accuracy of 94.85% and an F1-Score of 94.71% across our tests, showcasing its effectiveness in dynamic and constrained real-world scenarios.

Redefining DDoS Attack Detection Using A Dual-Space Prototypical Network-Based Approach

TL;DR

This work tackles the increasing sophistication of DDoS attacks and data scarcity by introducing a dual-space prototypical network that combines geometric and angular similarity. Built on MLP and attention architectures, the approach employs a novel dual-space loss that fuses normalized Euclidean and cosine distances to form , enabling effective few-shot learning via episodic training. The framework demonstrates strong robustness across offline, online, and prototypical learning settings, achieving an average accuracy of and an F1-score of (with precision ) on reduced-data scenarios, and strong performance with full data using attention-enhanced MLPs. The practical impact lies in enabling rapid, adaptive DDoS detection with limited labeled data, reducing incident response time and enhancing resilience of digital infrastructure.

Abstract

Distributed Denial of Service (DDoS) attacks pose an increasingly substantial cybersecurity threat to organizations across the globe. In this paper, we introduce a new deep learning-based technique for detecting DDoS attacks, a paramount cybersecurity challenge with evolving complexity and scale. Specifically, we propose a new dual-space prototypical network that leverages a unique dual-space loss function to enhance detection accuracy for various attack patterns through geometric and angular similarity measures. This approach capitalizes on the strengths of representation learning within the latent space (a lower-dimensional representation of data that captures complex patterns for machine learning analysis), improving the model's adaptability and sensitivity towards varying DDoS attack vectors. Our comprehensive evaluation spans multiple training environments, including offline training, simulated online training, and prototypical network scenarios, to validate the model's robustness under diverse data abundance and scarcity conditions. The Multilayer Perceptron (MLP) with Attention, trained with our dual-space prototypical design over a reduced training set, achieves an average accuracy of 94.85% and an F1-Score of 94.71% across our tests, showcasing its effectiveness in dynamic and constrained real-world scenarios.
Paper Structure (22 sections, 6 equations, 1 figure, 4 tables, 1 algorithm)

This paper contains 22 sections, 6 equations, 1 figure, 4 tables, 1 algorithm.

Table of Contents

  1. Introduction
  2. Related Work
  3. Research Problem
  4. Methodology
  5. Framework and Design Foundations
  6. Dual-space Loss
  7. Dataset and Data Preprocessing
  8. Feature extraction and selection
  9. Model Design
  10. MLP and attention mechanisms
  11. MLP foundation
  12. MLP with attention mechanisms
  13. Dual-space prototypical network integration
  14. Results
  15. Learning Techniques
  16. ...and 7 more sections

Figures (1)

  • Figure 1: Validation losses during training on reduced dataset (Train $N$: 100).