An Intelligent and Hybrid Approach for Detection of DDoS Attacks in smart police network

Distributed Denial of Service (DDoS) attack is an attempt to make network resources inaccessible to legitimate users. Today, the number of DDoS attacks is increasing rapidly, this is a threat to Internet users, and police networks are no exception to this threat and are more sensitive due to the constant need for these networks to respond to legal requests. Although the target of DDoS attacks may be different, they generally try to temporarily or permanently disable the services of a victim server connected to the Internet. In this paper, a network layer-based method independent from communication protocols is presented that is able to detect attack behaviors without the need to know normal network behaviors. In addition, this method does not need to store large volumes of profiles, multiple lists and attack signatures. This method is done in three steps: feature extraction through a two-dimensional wavelet decomposition that provides the energy distribution diagram, detection of the change point with the help of fuzzy logic rules and deep neural network analysis as the final step of detection. The proposed method was investigated on VAST and ISCX datasets in which it was able to detect DDoS attacks in 10-second periods with 99.99% accuracy for VAST dataset and 99.08% accuracy for ISCX dataset.