LSTM-BA: DDoS Detection Approach Combining LSTM and Bayes

The development of cyberspace brings both opportunities and threats, among which Distributed Denial of Service (DDoS) is one of the most destructive attacks. A mass of DDoS attack detection methods have been proposed. But more or less there are some problems, either the construction process is complex, or low accuracy, or poor generalization ability. To overcome these problems, in this paper, we propose a new DDoS detection method which combines the Long Short Term Memory (LSTM) and Bayes approach, referred to as LSTM-BA. Through LSTM method, we can identify parts of DDoS attacks with high confidence outputs from LSTM module. For those outputs with low confidence, we further use Bayes method for the second judgment to improve the accuracy. Our proposed method has been validated using publicly available datasets of ISCX2012. The results demonstrate that LSTM-BA has a better performance. More exactly, LSTM-BA achieves 98.15% detection accuracy, which is improved by 0.16% compared with the state-of-the-art method.