A Transformer-Based Approach for DDoS Attack Detection in IoT Networks
- URL: http://arxiv.org/abs/2508.10636v1
- Date: Thu, 14 Aug 2025 13:33:49 GMT
- Title: A Transformer-Based Approach for DDoS Attack Detection in IoT Networks
- Authors: Sandipan Dey, Payal Santosh Kate, Vatsala Upadhyay, Abhishek Vaish,
- Abstract summary: DDoS attacks have become a major threat to the security of IoT devices.<n>Traditional methods for detecting DDoS attacks are not efficient enough to cope with the dynamic nature of IoT networks.<n>We propose a novel approach, i.e., the use of Transformer models, which have shown remarkable performance in natural language processing tasks.
- Score: 0.0
- License: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Abstract: DDoS attacks have become a major threat to the security of IoT devices and can cause severe damage to the network infrastructure. IoT devices suffer from the inherent problem of resource constraints and are therefore susceptible to such resource-exhausting attacks. Traditional methods for detecting DDoS attacks are not efficient enough to cope with the dynamic nature of IoT networks, as well as the scalability of the attacks, diversity of protocols, high volume of traffic, and variability in device behavior, and variability of protocols like MQTT, CoAP, making it hard to implement security across all the protocols. In this paper, we propose a novel approach, i.e., the use of Transformer models, which have shown remarkable performance in natural language processing tasks, for detecting DDoS attacks on IoT devices. The proposed model extracts features from network traffic data and processes them using a self-attention mechanism. Experiments conducted on a real-world dataset demonstrate that the proposed approach outperforms traditional machine learning techniques, which can be validated by comparing both approaches' accuracy, precision, recall, and F1-score. The results of this study show that the Transformer models can be an effective solution for detecting DDoS attacks on IoT devices and have the potential to be deployed in real-world IoT environments.
Related papers
- Multi-Agent Collaborative Intrusion Detection for Low-Altitude Economy IoT: An LLM-Enhanced Agentic AI Framework [60.72591149679355]
The rapid expansion of low-altitude economy Internet of Things (LAE-IoT) networks has created unprecedented security challenges.<n>Traditional intrusion detection systems fail to tackle the unique characteristics of aerial IoT environments.<n>We introduce a large language model (LLM)-enabled agentic AI framework for enhancing intrusion detection in LAE-IoT networks.
arXiv Detail & Related papers (2026-01-25T12:47:25Z) - Leveraging Machine Learning for Botnet Attack Detection in Edge-Computing Assisted IoT Networks [0.34530027457862006]
This paper investigates the application of machine learning techniques to enhance security in Edge-Computing-Assisted IoT environments.<n>It presents a comparative analysis of Random Forest, XGBoost, and LightGBM to address the dynamic and complex nature of botnet threats.<n>The results highlight the potential of machine learning to fortify IoT networks against emerging cybersecurity challenges.
arXiv Detail & Related papers (2025-08-03T01:52:35Z) - Intelligent Detection of Non-Essential IoT Traffic on the Home Gateway [45.70482328441101]
This work presents ML-IoTrim, a system for detecting and mitigating non-essential IoT traffic by analyzing network behavior at the edge.<n>We test our framework in a consumer smart home setup with IoT devices from five categories, demonstrating that the model can accurately identify and block non-essential traffic.<n>This research advances privacy-aware traffic control in smart homes, paving the way for future developments in IoT device privacy.
arXiv Detail & Related papers (2025-04-22T09:40:05Z) - Intelligent IoT Attack Detection Design via ODLLM with Feature Ranking-based Knowledge Base [0.964942474860411]
Internet of Things (IoT) devices have introduced significant cybersecurity challenges.<n>Traditional machine learning (ML) techniques often fall short in detecting such attacks due to the complexity of blended and evolving patterns.<n>We propose a novel framework leveraging On-Device Large Language Models (ODLLMs) augmented with fine-tuning and knowledge base (KB) integration for intelligent IoT network attack detection.
arXiv Detail & Related papers (2025-03-27T16:41:57Z) - A Comparative Analysis of Machine Learning Models for DDoS Detection in IoT Networks [0.0]
It evaluates the efficacy of different machine learning models, such as XGBoost, in detecting DDoS attacks from normal network traffic.
The effectiveness of these models is analyzed, showing how machine learning can greatly enhance IoT security frameworks.
arXiv Detail & Related papers (2024-11-08T12:23:41Z) - Towards Efficient Machine Learning Method for IoT DDoS Attack Detection [0.0]
DDoS attacks conducted with IoT devices can cause a significant downtime of applications running on the Internet.
We propose a hybrid feature selection algorithm that selects only the most useful features and passes those features into an XGBoost model.
Our model attains an accuracy of 99.993% on the CIC IDS 2017 dataset and a recall of 97.64 % on the CIC IoT 2023 dataset.
arXiv Detail & Related papers (2024-08-16T09:41:54Z) - Enhancing IoT Security Against DDoS Attacks through Federated Learning [0.0]
Internet of Things (IoT) has ushered in transformative connectivity between physical devices and the digital realm.
Traditional DDoS mitigation approaches are ill-equipped to handle the intricacies of IoT ecosystems.
This paper introduces an innovative strategy to bolster the security of IoT networks against DDoS attacks by harnessing the power of Federated Learning.
arXiv Detail & Related papers (2024-03-16T16:45:28Z) - Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS)
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z) - IoTFlowGenerator: Crafting Synthetic IoT Device Traffic Flows for Cyber
Deception [31.822346303953164]
Honeypots are an important security tool to understand attacker intent and deceive attackers to spend time and resources.
To build better honeypots and enhance cyber deception capabilities, IoT honeypots need to generate realistic network traffic flows.
We propose a novel deep learning based approach for generating traffic flows that mimic real network traffic due to user and IoT device interactions.
arXiv Detail & Related papers (2023-05-01T16:24:07Z) - IoT Device Identification Based on Network Communication Analysis Using
Deep Learning [43.0717346071013]
The risk of attacks on an organization's network has increased due to the growing use of less secure IoT devices.
To tackle this threat and protect their networks, organizations generally implement security policies in which only white listed IoT devices are allowed on the network.
In this research, deep learning is applied to network communication for the automated identification of IoT devices permitted on the network.
arXiv Detail & Related papers (2023-03-02T13:44:58Z) - Lightweight Collaborative Anomaly Detection for the IoT using Blockchain [40.52854197326305]
Internet of things (IoT) devices tend to have many vulnerabilities which can be exploited by an attacker.
Unsupervised techniques, such as anomaly detection, can be used to secure these devices in a plug-and-protect manner.
We present a distributed IoT simulation platform, which consists of 48 Raspberry Pis.
arXiv Detail & Related papers (2020-06-18T14:50:08Z) - IoT Device Identification Using Deep Learning [43.0717346071013]
The growing use of IoT devices in organizations has increased the number of attack vectors available to attackers.
The widely adopted bring your own device (BYOD) policy which allows an employee to bring any IoT device into the workplace and attach it to an organization's network also increases the risk of attacks.
In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network.
arXiv Detail & Related papers (2020-02-25T12:24:49Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.