Title: Integration of GRU features with Q-learning based VARMA for protocol DDoS attack analysis

Authors: Meghana Solanki; Sangita Chaudhari

Addresses: Ramrao Adik Institute of Technology, D Y Patil Deemed to be University, Nerul, Navi Mumbai, 400706, Maharashtra, India ' Ramrao Adik Institute of Technology, D Y Patil Deemed to be University, Nerul, Navi Mumbai, 400706, Maharashtra, India

Abstract: Network security faces severe threats from attacks on distributed denial of service (DDoS), necessitating attack detection and mitigation. This study introduces a novel approach by integrating gated recurrent unit (GRU) features with a Q-Learning based vector autoregressive moving-average (VARMA) process for protocol DDoS attack analysis. Traditional models could not deal with complex temporal dependencies in network traffic data, whereas deep learning models lack interpretability and incremental learning. Our model combines Q-Learning based VARMA and GRU, accurately capturing temporal dynamics to detect protocol DDoS attacks. It facilitates incremental learning for adaptation over time. With applicability across diverse contexts, the model offers real-time attack identification, enhancing network security. Experimental results demonstrate superior performance in recall, precision and accuracy compared to existing machine learning and deep learning models.

Keywords: protocol DDoS attacks; GRU features; Q-learning; VARMA and process; traffic volume; patterns; internet protocol (IP) address; port number; packet size; data rate.

DOI: 10.1504/IJCNDS.2025.148255

International Journal of Communication Networks and Distributed Systems, 2025 Vol.31 No.5, pp.526 - 557

Received: 22 Nov 2023
Accepted: 12 May 2024
Published online: 01 Sep 2025 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article