Detecting DDoS Attacks for IoT through Machine Learning

  • 陳 俊佑

Student thesis: Doctoral Thesis


With the advancement of wired and wireless communication technologies the growth of Internet of Things (IoT) devices is also increasing Hackers exploit huge amount of IoT devices which lack security protection for specific purposes To ease the problem we adopt the SDN architecture to manage the IoT devices with DDoS detection module Distributed denial of service (DDoS) attack is an enhanced denial of service (DoS) attack and is one of common usages of these hacked devices With over 20 years history of development of Detection of DoS or DDoS attacks the flow-based method is more suitable for IoT In this paper we propose a timestep architecture in differnet machine learning model and suitable model and parameters in IoT We find the bi-GRU model with 5 timesteps (25s) and 3-tuple index achieve 100 % accuracy in the private NTHU IoT testing dataset We select the 4 outstanding models from the related work and find the random forest and bi-GRU model have achieve 100 % accuracy In addition the accuracy in unknown DDoS attack is up to 80 % detection accuracy if we transform the flows 3-tuple formats into source IP destination subnet and protocol number
Date of Award2021
Original languageEnglish
SupervisorMeng-Hsun Tsai (Supervisor)

Cite this