Hybrid GAN-LSTM for Enhancing DDoS Detection on Imbalance Dataset

The rapid development of internet network technology has increased the volume of data traffic. This surge in data traffic also raises the risk of Distributed Denial of Service (DDoS) attacks, which pose threats to institutions that rely on complex, interconnected networks for their operations. One of the primary challenges in combating these attacks lies in distinguishing malicious activity from normal traffic, as well as accurately detecting malicious attacks, each of which involves numerous parameters. The complexity of DDoS attacks continues to grow, further complicating detection and mitigation efforts. To address these challenges, more advanced and accurate tools are needed for DDoS attack detection. While significant research has been conducted on DDoS attacks, the use of Generative Adversarial Networks (GANs) for data balancing remains relatively unexplored. This study investigates the impact of dataset imbalances on the accuracy of DDoS attack classification and proposes models that generate synthetic data to address these imbalances. This research includes data collection, preprocessing, synthetic data generation, and performance analysis. GANs are used to generate synthetic data equivalent to the difference between the majority and minority classes in the dataset. A comparison of classification performance between the Long Short-Term Memory (LSTM) method without data balancing and the GAN-augmented model demonstrates improved results. The Hybrid GAN-LSTM model achieves accuracy rates exceeding 98% across all datasets, with F1-scores above 95%. These findings indicate that the Hybrid GAN-LSTM model addresses data imbalance issues and enhances classification accuracy. This study underscores the importance of addressing data imbalances in cybersecurity to improve the detection of DDoS attacks.