Challenge Collapsar (CC) Attack Traffic Detection Based on Packet Field Differentiated Preprocessing and Deep Neural Network

Distributed Denial of Service (DDoS) attack is one of the top cyber threats. As a kind of application layer DDoS attack, Challenge Collapsar (CC) attack has become a real headache for defenders. However, there are many researches on DDoS attack, but few on CC attack. The related works on CC attack employ rule-based and machine learning-based models, and just validate their models on the outdated public datasets. These works appear to lag behind once the attack pattern changes. In this paper, we present a model based on packet Field Differentiated Preprocessing and Deep neural network (FDPD) to address this problem. Besides, we collected a fresh dataset which contains 7.92 million packets from real network traffic to train and validate FDPD model. The experimental results show that the accuracy of this model reaches 98.55%, the F-1 value reaches 98.59%, which is 3% higher than the previous models (SVM and Random Forest-based detection model), and the training speed is increased by 17 times in the same environment. It proved that the proposed model can help defenders improve the efficiency of detecting CC attack.