Open Access iconOpen Access

ARTICLE

crossmark

Multi-Domain Malicious Behavior Knowledge Base Framework for Multi-Type DDoS Behavior Detection

Ouyang Liu, Kun Li*, Ziwei Yin, Deyun Gao, Huachun Zhou

School of Electronic and Information Engineering, Beijing Jiaotong University, Beijing, 100044, China

* Corresponding Author: Kun Li. Email: email

(This article belongs to the Special Issue: Advanced Achievements of Intelligent and Secure Systems for the Next Generation Computing)

Intelligent Automation & Soft Computing 2023, 37(3), 2955-2977. https://doi.org/10.32604/iasc.2023.039995

Abstract

Due to the many types of distributed denial-of-service attacks (DDoS) attacks and the large amount of data generated, it becomes a challenge to manage and apply the malicious behavior knowledge generated by DDoS attacks. We propose a malicious behavior knowledge base framework for DDoS attacks, which completes the construction and application of a multi-domain malicious behavior knowledge base. First, we collected malicious behavior traffic generated by five mainstream DDoS attacks. At the same time, we completed the knowledge collection mechanism through data pre-processing and dataset design. Then, we designed a malicious behavior category graph and malicious behavior structure graph for the characteristic information and spatial structure of DDoS attacks and completed the knowledge learning mechanism using a graph neural network model. To protect the data privacy of multiple multi-domain malicious behavior knowledge bases, we implement the knowledge-sharing mechanism based on federated learning. Finally, we store the constructed knowledge graphs, graph neural network model, and Federated model into the malicious behavior knowledge base to complete the knowledge management mechanism. The experimental results show that our proposed system architecture can effectively construct and apply the malicious behavior knowledge base, and the detection capability of multiple DDoS attacks occurring in the network reaches above 0.95, while there exists a certain anti-interference capability for data poisoning cases.

Keywords


Cite This Article

APA Style
Liu, O., Li, K., Yin, Z., Gao, D., Zhou, H. (2023). Multi-domain malicious behavior knowledge base framework for multi-type ddos behavior detection. Intelligent Automation & Soft Computing, 37(3), 2955-2977. https://doi.org/10.32604/iasc.2023.039995
Vancouver Style
Liu O, Li K, Yin Z, Gao D, Zhou H. Multi-domain malicious behavior knowledge base framework for multi-type ddos behavior detection. Intell Automat Soft Comput . 2023;37(3):2955-2977 https://doi.org/10.32604/iasc.2023.039995
IEEE Style
O. Liu, K. Li, Z. Yin, D. Gao, and H. Zhou "Multi-Domain Malicious Behavior Knowledge Base Framework for Multi-Type DDoS Behavior Detection," Intell. Automat. Soft Comput. , vol. 37, no. 3, pp. 2955-2977. 2023. https://doi.org/10.32604/iasc.2023.039995



cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 525

    View

  • 300

    Download

  • 0

    Like

Share Link