Open Access

ARTICLE

A Model Training Method for DDoS Detection Using CTGAN under 5GC Traffic

Yea-Sul Kim¹, Ye-Eun Kim¹, Hwankuk Kim^2,*

1 Department of Electronics Information and System Engineering, Sangmyung University, Cheonan, 31066, Korea
2 Department of Information Security Engineering, Sangmyung University, Cheonan, 31066, Korea

* Corresponding Author: Hwankuk Kim. Email:

(This article belongs to this Special Issue: Advances in Mobile Internet Security)

Computer Systems Science and Engineering 2023, 47(1), 1125-1147. https://doi.org/10.32604/csse.2023.039550

Received 04 February 2023; Accepted 10 April 2023; Issue published 26 May 2023

Abstract

With the commercialization of 5th-generation mobile communications (5G) networks, a large-scale internet of things (IoT) environment is being built. Security is becoming increasingly crucial in 5G network environments due to the growing risk of various distributed denial of service (DDoS) attacks across vast IoT devices. Recently, research on automated intrusion detection using machine learning (ML) for 5G environments has been actively conducted. However, 5G traffic has insufficient data due to privacy protection problems and imbalance problems with significantly fewer attack data. If this data is used to train an ML model, it will likely suffer from generalization errors due to not training enough different features on the attack data. Therefore, this paper aims to study a training method to mitigate the generalization error problem of the ML model that classifies IoT DDoS attacks even under conditions of insufficient and imbalanced 5G traffic. We built a 5G testbed to construct a 5G dataset for training to solve the problem of insufficient data. To solve the imbalance problem, synthetic minority oversampling technique (SMOTE) and generative adversarial network (GAN)-based conditional tabular GAN (CTGAN) of data augmentation were used. The performance of the trained ML models was compared and meaningfully analyzed regarding the generalization error problem. The experimental results showed that CTGAN decreased the accuracy and f1-score compared to the Baseline. Still, regarding the generalization error, the difference between the validation and test results was reduced by at least 1.7 and up to 22.88 times, indicating an improvement in the problem. This result suggests that the ML model training method that utilizes CTGANs to augment attack data for training data in the 5G environment mitigates the generalization error problem.

---

Keywords

---