Imagen de Portada

Comparative analysis of deep learning models for effective denial of service (DoS) attack detection in network security

Guardado en:
Publicado en:Journal of Electrical Systems and Information Technology vol. 12, no. 1 (Dec 2025), p. 73
Autor principal: Mandela, Ngaira
Otros Autores: Etyang, Felix
Publicado:
Springer Nature B.V.
Materias:
Accuracy
Deep learning
Datasets
Communications traffic
Cybersecurity
Architecture
Internet of Things
Intrusion detection systems
Machine learning
Preprocessing
Neural networks
Effectiveness
Recurrent neural networks
Structured data
Taxonomy
Denial of service attacks
Natural language processing
Literature reviews
Algorithms
Decision trees
Acceso en línea:Citation/Abstract
Full Text
Full Text - PDF
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
Resumen:In the rapidly evolving field of network security, Distributed Denial of Service (DDoS) attacks continue to be a critical threat, disrupting cyber services and incurring enormous financial and reputational losses. This research paper presents an extensive analysis of the different models of deep learning, including pretrained BERT, Recurrent Neural Network (RNN), Dense Neural Network (Dense), Bidirectional Long Short-Term Memory (Bi-LSTM), Long Short-Term Memory (LSTM), and Gated Recurrent Unit (GRU), to evaluate their effectiveness in identifying DDoS attacks. The research fills the gap in applying deep learning models, specifically transformer-based models such as BERT, in structured network traffic data and compares their performance with sequence-based models on the CIC-DDoS2019 dataset. The models were evaluated against a dataset of benign and malicious traffic, using primary metrics: recall, precision, F1 score, and accuracy. Performance results show that models based on sequence, such as RNN, LSTM, and GRU, outperform in terms of capturing temporal relations in network traffic data, with the RNN performing best at 97.85% accuracy. The high performance is credited to a new preprocessing pipeline with adaptive temporal window selection and composite feature engineering, as well as architectural advances such as a variant of BERT and attention-augmented RNN variants. On the other hand, BERT, though effective in natural language processing, performed poorly within this structured data space, emphasising the need for model choice based on data properties. This research bridges an essential gap through a systematic comparison of these models and the addition of preprocessing and architectural advancements, providing real-world implications for the development of Network Intrusion Detection Systems (NIDSs) and the improvement of cybersecurity against DDoS attacks.
ISSN:2314-7172
DOI:10.1186/s43067-025-00267-0
Fuente:Engineering Database