DDoS detection in electric vehicle charging stations: A deep learning perspective via CICEV2023 dataset

Abstract

Distributed Denial of Service (DDoS) attacks have always been an important research topic in the field of information security. Regarding specialized infrastructures such as electric vehicle charging stations, detecting and preventing such attacks becomes even more critical. In the existing literature, most studies on DDoS attack detection focus on traditional methods that analyze network metrics such as network traffic, packet rates, and number of connections. These approaches attempt to detect attacks by identifying anomalies and irregularities in the network, but can have high error rates and fail to identify advanced attacks. Conversely though, detection methods based on system metrics use deeper and more insightful parameters such as processor utilization, memory usage, disk I/O operations, and system behavior. Such metrics provide a more detailed perspective than network-based approaches, allowing for more accurate detection of attacks. However, work in this area is not yet widespread enough further research and improvement are needed. The adoption of advanced system metrics-based methods can significantly improve the effectiveness of DDoS defense strategies, especially in next-generation and specialized infrastructures. This paper evaluates the applicability and effectiveness of Long Short-Term Memory (LSTM) and Feed-Forward Network (FFN) in detecting DDoS attacks against electric vehicle charging stations through system metrics using CICEV2023 dataset. Experimental results show that the LSTM based model offers advantages in terms of speed and processing capacity, while the FFN is superior in terms of the accuracy.