Open Access iconOpen Access



A Model Training Method for DDoS Detection Using CTGAN under 5GC Traffic

Yea-Sul Kim1, Ye-Eun Kim1, Hwankuk Kim2,*

1 Department of Electronics Information and System Engineering, Sangmyung University, Cheonan, 31066, Korea
2 Department of Information Security Engineering, Sangmyung University, Cheonan, 31066, Korea

* Corresponding Author: Hwankuk Kim. Email: email

(This article belongs to the Special Issue: Advances in Mobile Internet Security)

Computer Systems Science and Engineering 2023, 47(1), 1125-1147.


With the commercialization of 5th-generation mobile communications (5G) networks, a large-scale internet of things (IoT) environment is being built. Security is becoming increasingly crucial in 5G network environments due to the growing risk of various distributed denial of service (DDoS) attacks across vast IoT devices. Recently, research on automated intrusion detection using machine learning (ML) for 5G environments has been actively conducted. However, 5G traffic has insufficient data due to privacy protection problems and imbalance problems with significantly fewer attack data. If this data is used to train an ML model, it will likely suffer from generalization errors due to not training enough different features on the attack data. Therefore, this paper aims to study a training method to mitigate the generalization error problem of the ML model that classifies IoT DDoS attacks even under conditions of insufficient and imbalanced 5G traffic. We built a 5G testbed to construct a 5G dataset for training to solve the problem of insufficient data. To solve the imbalance problem, synthetic minority oversampling technique (SMOTE) and generative adversarial network (GAN)-based conditional tabular GAN (CTGAN) of data augmentation were used. The performance of the trained ML models was compared and meaningfully analyzed regarding the generalization error problem. The experimental results showed that CTGAN decreased the accuracy and f1-score compared to the Baseline. Still, regarding the generalization error, the difference between the validation and test results was reduced by at least 1.7 and up to 22.88 times, indicating an improvement in the problem. This result suggests that the ML model training method that utilizes CTGANs to augment attack data for training data in the 5G environment mitigates the generalization error problem.


Cite This Article

APA Style
Kim, Y., Kim, Y., Kim, H. (2023). A model training method for ddos detection using CTGAN under 5GC traffic. Computer Systems Science and Engineering, 47(1), 1125-1147.
Vancouver Style
Kim Y, Kim Y, Kim H. A model training method for ddos detection using CTGAN under 5GC traffic. Comput Syst Sci Eng. 2023;47(1):1125-1147
IEEE Style
Y. Kim, Y. Kim, and H. Kim "A Model Training Method for DDoS Detection Using CTGAN under 5GC Traffic," Comput. Syst. Sci. Eng., vol. 47, no. 1, pp. 1125-1147. 2023.

cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 668


  • 370


  • 0


Share Link