LUCID (Lightweight, Usable CNN in DDoS Detection) is a lightweight Deep Learning-based DDoS detection framework suitable for online resource-constrained environments, which leverages Convolutional Neural Networks (CNNs) to learn the behaviour of DDoS and benign traffic flows with both low processing overhead and attack detection time. LUCID includes a dataset-agnostic pre-processing mechanism that produces traffic observations consistent with those collected in existing online systems, where the detection algorithms must cope with segments of traffic flows collected over pre-defined time windows.
LUCID is available on GitHub. The README.md file includes a step-by-step guide to install and use LUCID.
More details on the architecture of LUCID and its performance in terms of detection accuracy and execution time are available in the following research paper:
R. Doriguzzi-Corin, S. Millar, S. Scott-Hayward, J. Martínez-del-Rincón and D. Siracusa, "Lucid: A Practical, Lightweight Deep Learning Solution for DDoS Attack Detection," in *IEEE Transactions on Network and Service Management*, vol. 17, no. 2, pp. 876-889, June 2020, doi: 10.1109/TNSM.2020.2971776.
Selected Publications
-
Simone Magnani, Roberto Doriguzzi Corin, Domenico Siracusa
Enhancing Network Intrusion Detection: An Online Methodology for Performance Analysis
In: Proceedings of 2023 IEEE 9th International Conference on Network Softwarization (NetSoft) (DOI) -
Maged Abdelaty, Sandra Scott-Hayward, Roberto Doriguzzi Corin, Domenico Siracusa
GaDoT: GAN-based Adversarial Training for Robust DDoS Attack Detection
In: Proceedings of 2021 IEEE Conference on Communications and Network Security (CNS) (DOI) -
Roberto Doriguzzi Corin, Stuart Millar, Sandra Scott-Hayward, Jesus Martinez-Del-Rincón, Domenico Siracusa
LUCID: A Practical, Lightweight Deep Learning Solution for DDoS Attack Detection
In: IEEE Transactions on Network and Service Management (DOI)