Open Access


Multi-Domain Malicious Behavior Knowledge Base Framework for Multi-Type DDoS Behavior Detection

Ouyang Liu, Kun Li*, Ziwei Yin, Deyun Gao, Huachun Zhou

School of Electronic and Information Engineering, Beijing Jiaotong University, Beijing, 100044, China

* Corresponding Author: Kun Li. Email:

(This article belongs to the Special Issue: Advanced Achievements of Intelligent and Secure Systems for the Next Generation Computing)

Intelligent Automation & Soft Computing 2023, 37(3), 2955-2977.


Because distributed denial-of-service (DDoS) attacks come in many types and generate large amounts of data, managing and applying the malicious behavior knowledge they produce is a challenge. We propose a malicious behavior knowledge base framework for DDoS attacks, which completes the construction and application of a multi-domain malicious behavior knowledge base. First, we collected malicious behavior traffic generated by five mainstream DDoS attacks. At the same time, we completed the knowledge collection mechanism through data pre-processing and dataset design. Then, we designed a malicious behavior category graph and a malicious behavior structure graph for the characteristic information and spatial structure of DDoS attacks and completed the knowledge learning mechanism using a graph neural network model. To protect the data privacy of multiple multi-domain malicious behavior knowledge bases, we implement the knowledge-sharing mechanism based on federated learning. Finally, we store the constructed knowledge graphs, graph neural network model, and federated model in the malicious behavior knowledge base to complete the knowledge management mechanism. The experimental results show that our proposed system architecture can effectively construct and apply the malicious behavior knowledge base, and that the detection capability for multiple DDoS attacks occurring in the network reaches above 0.95, with a certain anti-interference capability in data poisoning cases.


Cite This Article

O. Liu, K. Li, Z. Yin, D. Gao and H. Zhou, "Multi-domain malicious behavior knowledge base framework for multi-type DDoS behavior detection," Intelligent Automation & Soft Computing, vol. 37, no. 3, pp. 2955–2977, 2023.

This work is licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.