Research On DDoS Attack Detection Based On Deep Learning In The Internet Of Vehicles

The Internet of Vehicles is an important part of the Intelligent Transport System(ITS).While assisting vehicles to realize intelligent driving,it makes vehicles,infrastructure or service platforms likely to face distributed denial of service(DDoS)attacks.This attack will cause the network connection function of the vehicle to be limited or cannot be used normally,and eventually cause the various systems of the vehicle to operate abnormally.As the confrontation between attack and defense continues,attackers develop more powerful adversarial DDoS attacks.Different from traditional DDoS attacks,adversarial attacks can evade DDoS attack detection systems,making the Internet of Vehicles face threats such as denial of service or malicious manipulation of control rights.At present,most of the detection methods for DDoS attacks are oriented to general-purpose networks,but the detection of DDoS attacks on the Internet of Vehicles is different from general-purpose networks.On the one hand,the existing traditional DDoS attack detection methods are computationally complex,resource-intensive,and lack practicality for deployment in the real world.On the other hand,adversarial DDoS attacks can evade detection algorithms,bringing new security threats to the Internet of Vehicles.Based on this,this paper proposes a DDoS attack detection scheme based on the dual detection model,which is used to detect traditional DDoS attacks and adversarial DDoS attacks.The specific content is as follows:(1)Aiming at the problems of large parameters and calculation in the traditional DDoS attack detection model,an improved Convolutional Neural Network(CNN)DDoS attack detection algorithm is proposed.The algorithm uses the traditional CNN as the basic model and improves on the basic model.The improvement method is to replace the fully connected layer with a global average pooling layer.Before improvement,the basic CNN with the best detection performance is obtained through comparative experiments.This method can reduce the amount of model parameters and calculations while ensuring the detection performance,and is more suitable for the deployment of the limited resource environment of the Internet of Vehicles.(2)For the detection of adversarial DDoS attacks,an adversarial DDoS attack detection algorithm based on WGAN-GP is proposed.Firstly,the DDoS data is generated by using the data generation algorithm based on WGAN-GP,and then some characteristic values in the generated DDoS attack data are perturbed with normal data to make it an adversarial DDoS attack that can evade detection.Finally,the proposed adversarial DDoS attack detection model is trained with the adversarial attack data to achieve high accuracy detection of the adversarial DDoS attack by the model.(3)Combine the detection models for traditional DDoS attacks and adversarial DDoS attacks,that is,the DDoS attack detection scheme based on the dual detection model proposed in this paper,and then conduct simulation experiments.First,the proposed detection algorithms for traditional DDoS attacks and adversarial DDoS attacks are tested separately to prove the effectiveness of the two detection algorithms.Secondly,verify the effectiveness of the DDoS attack detection scheme based on the dual detection model for two kinds of attack detection.