{"title":"GoGDDoS: A Multi-Classifier for DDoS Attacks Using Graph Neural Networks","authors":"Yuzhen Li, Zhou-yu Zhou, Renjie Li, Fengyuan Shi, Jiang Guo, Qingyun Liu","doi":"10.1109/ISCC58397.2023.10218316","DOIUrl":null,"url":null,"abstract":"Distributed Denial of Service (DDoS) attacks are rising, evolving and growing sophistication. Multi-vector which leverages more than one methods is prevalent recently. To cope with multi-vector DDoS attack, it is necessary to classify DDoS attacks for taking robust measures. However, existing ML-based approaches for DDoS traffic multi-classification barely leverage relationships between packets and flows, which are crucial information that can significantly improve multi-classification performance. This paper proposes GoGDDoS, a multi-classifier for DDoS attacks. Concretely, we construct GoG traffic graph to clearly compress relationships between packets and flows. It merges relationship graphs of packets and flows by using graph of graph. Then, we build a two-level Graph Neural Network model to mine potential attack patterns from GoG traffic graph. The experiments with well-known datasets show that GoGDDoS performs better than its counterparts.","PeriodicalId":265337,"journal":{"name":"2023 IEEE Symposium on Computers and Communications (ISCC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-07-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE Symposium on Computers and Communications (ISCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCC58397.2023.10218316","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Distributed Denial of Service (DDoS) attacks are rising, evolving and growing sophistication. Multi-vector which leverages more than one methods is prevalent recently. To cope with multi-vector DDoS attack, it is necessary to classify DDoS attacks for taking robust measures. However, existing ML-based approaches for DDoS traffic multi-classification barely leverage relationships between packets and flows, which are crucial information that can significantly improve multi-classification performance. This paper proposes GoGDDoS, a multi-classifier for DDoS attacks. Concretely, we construct GoG traffic graph to clearly compress relationships between packets and flows. It merges relationship graphs of packets and flows by using graph of graph. Then, we build a two-level Graph Neural Network model to mine potential attack patterns from GoG traffic graph. The experiments with well-known datasets show that GoGDDoS performs better than its counterparts.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
