A Three-Stage Cascaded IPv6 DDoS Attack Detection and Protection Method Based on Deep Learning

By employing a three-stage cascaded method based on deep learning, combined with lightweight packet-level pre-detection and flow-level deep detection, the contradiction between accuracy and efficiency in IPv6 DDoS attack detection is resolved. This approach adapts to the resource constraints of edge deployment, improves the accuracy of easily confused category identification, achieves an adaptive defense closed loop, and meets real-time protection requirements.

CN122339851APending Publication Date: 2026-07-03NANCHANG UNIV

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
NANCHANG UNIV
Filing Date
2026-06-03
Publication Date
2026-07-03

AI Technical Summary

Technical Problem

Existing IPv6 DDoS attack detection technologies have shortcomings in terms of the contradiction between accuracy and efficiency, resource constraints in edge deployment, and limitations of single-model decision-making, making it difficult to achieve efficient and real-time attack identification and protection in the IPv6 protocol environment.

Method used

A three-stage cascaded approach based on deep learning is adopted. By acquiring a multi-source fusion dataset, a lightweight packet-level pre-detection model is used for real-time classification, combined with a stream-level deep detection model for deep detection, and a dynamic rule and probability confidence orchestration engine is used for scheduling decisions and closed-loop feedback to achieve high-precision attack identification and protection.

Benefits of technology

While ensuring high detection accuracy, it reduces detection latency, adapts to edge deployment scenarios, improves the accuracy of easily confused category recognition, and achieves an adaptive defense closed loop to meet real-time protection requirements.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122339851A_ABST
    Figure CN122339851A_ABST
Patent Text Reader

Abstract

This invention relates to the field of network security technology and proposes a three-stage cascaded IPv6 DDoS attack detection and protection method based on deep learning. The method involves: acquiring a multi-source fusion dataset; performing filtering and protection processing based on dynamic rules; inputting the packet-level dataset from the multi-source fusion dataset into a lightweight packet-level pre-detection model for real-time classification and inference to obtain preliminary classification results; making scheduling decisions based on the preliminary classification results; inputting the flow-level dataset from the multi-source fusion dataset into a flow-level deep detection model for deep detection processing to obtain final prediction results; and performing closed-loop feedback based on the final prediction results. This invention avoids the influence of easily confused categories and decision-making limitations, improving detection accuracy and efficiency.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of network security technology, and in particular to a three-stage cascaded IPv6 DDoS attack detection and protection method based on deep learning. Background Technology

[0002] With the large-scale deployment of the IPv6 protocol, IPv6 has become the core protocol of the next-generation Internet infrastructure. However, the complexity of the IPv6 protocol in terms of extended header mechanisms, neighbor discovery protocols, and stateless address configuration also provides a new attack surface for DDoS attacks, and traditional security protection systems built for IPv4 face the challenge of insufficient adaptability.

[0003] Existing DDoS attack detection technologies can be mainly divided into three categories: First, rule-based detection methods, such as intrusion detection systems like Snort, identify known attacks through static feature matching, but are not adaptable to unknown attacks and complex variant attacks; second, detection methods based on traditional machine learning, such as random forests and XGBoost, rely on manual feature engineering and have limited feature representation capabilities in high-dimensional and complex traffic scenarios; and third, detection methods based on deep learning, such as LSTM and Transformer models, can automatically extract traffic features and have made significant progress in detection accuracy, but generally suffer from problems such as large model size, high inference latency, and difficulty in deployment on resource-constrained edge nodes. In the field of IPv6 DDoS detection, existing research suffers from three main limitations: First, there is a lack of publicly available datasets, with most existing datasets based on IPv4, making it difficult to reflect the unique characteristics of the IPv6 protocol. Second, the detection granularity is limited; either packet-level features achieve low-latency detection but lack accuracy, or flow-level features achieve high-precision detection but suffer from high latency, making it difficult to balance accuracy and efficiency. Third, edge deployment adaptability is poor; the high computational overhead of deep learning models makes it difficult to implement on edge nodes such as home gateways and IoT aggregation devices. Existing technologies generally suffer from the following problems: (1) The contradiction between accuracy and efficiency: Packet-level detection models have limited observation windows and high false negative rates for slow attacks and reflection amplification attacks; Stream-level detection models require waiting for the complete stream to form, and the detection delay can reach the second level, making it difficult to meet the real-time response requirements.

[0004] (2) Edge deployment resource constraints: Edge nodes have limited computing power and memory resources. The high computational overhead of traditional deep learning models will lead to a decrease in normal traffic forwarding performance and make it impossible to achieve continuous detection under high throughput.

[0005] (3) Limitations of single-model decision-making: Traditional detection systems adopt a hard decision mechanism, lack the ability to track the historical behavior of source IPs, make it difficult to identify initial probing attacks, and also cannot achieve dynamic linkage between detection results and defense rules.

[0006] (4) Insufficient ability to identify easily confused categories: UDP-based reflective attacks such as LDAP, MSSQL, and NETBIOS have highly similar characteristics. Existing models have low accuracy in distinguishing these easily confused categories, and the false positive rate and false negative rate are difficult to meet the actual deployment requirements.

[0007] Therefore, designing an IPv6 DDoS attack detection and protection method to avoid the impact of easily confused categories and decision-making limitations, and to adapt to deployment constraints in order to improve detection accuracy and efficiency, has become an urgent problem to be solved. Summary of the Invention

[0008] Based on this, this invention proposes a three-stage cascaded IPv6 DDoS attack detection and protection method based on deep learning. The method involves: acquiring a multi-source fusion dataset; performing filtering and protection processing based on dynamic rules; inputting the packet-level dataset from the multi-source fusion dataset into a lightweight packet-level pre-detection model for real-time classification and inference to obtain preliminary classification results; making scheduling decisions based on the preliminary classification results; inputting the flow-level dataset from the multi-source fusion dataset into a flow-level deep detection model for deep detection processing to obtain final prediction results; and performing closed-loop feedback based on the final prediction results. This invention avoids the influence of easily confused categories and decision-making limitations, improving detection accuracy and efficiency.

[0009] This invention proposes a three-stage cascaded IPv6 DDoS attack detection and protection method based on deep learning, comprising: Obtain a multi-source fusion dataset, which includes packet-level datasets and stream-level datasets; Filtering and detection protection are performed based on dynamic rules, which include dynamic blacklist maintenance rules, dynamic whitelist maintenance rules, and dynamic rate limiting rules. The packet-level dataset from the multi-source fusion dataset is input into the lightweight packet-level pre-detection model for real-time classification inference to obtain preliminary classification results. The lightweight packet-level pre-detection model is based on the lightweight TFL-LSTM model, which includes a lightweight two-layer LSTM model structure and the TFLite lightweight framework. The real-time classification inference includes sliding window feature construction and INT8 full integer quantization inference. Scheduling decisions are made based on the initial classification results. The scheduling decisions are based on a probability confidence orchestration engine and include calculating confidence metrics, calculating threat scores, tracking source address suspicion, and making routing decisions. The source address suspicion tracking is based on exponential moving averages, and the routing decisions are based on a dual-threshold routing decision algorithm. The streaming-level dataset from the multi-source fusion dataset is input into the streaming-level deep detection model for deep detection processing to obtain the final prediction result. The streaming-level deep detection model is based on the CAHM-FlowTransformer (CAHM-FT) model, which includes a preprocessing layer, an input encoding layer, a temporal modeling layer, and a classification decision layer. The input encoding layer is based on a hybrid gated encoding mechanism, the temporal modeling layer is based on a cross-scale temporal hybrid structure, and the classification decision layer is based on an enhanced attention classification head and a confusion-aware loss function. The deep detection processing includes online stream aggregation and stream window construction and preprocessing. A closed-loop feedback is performed based on the final prediction result, which includes attack confirmation feedback and normal confirmation feedback.

[0010] Furthermore, the step of filtering, detecting, and protecting based on dynamic rules specifically includes: The filtering and detection protection process based on dynamic rules is executed according to the priority order, which is as follows: whitelist matching, blacklist matching, dynamic rate limit check, and allow. The whitelist matching is based on the dynamic whitelist maintenance rules. Specifically, the dynamic whitelist maintenance rules are as follows: maintain a set of trusted IPs, which are used to mark infrastructure nodes. The infrastructure nodes include the gateway's own address and DNS server. If an IP in the whitelist is matched, the connection is unconditionally allowed. The blacklist matching is based on the blacklist dynamic maintenance rules. Specifically, the blacklist dynamic maintenance rules are as follows: maintain a mapping table of source IP expiration time; when feedback information is received and it is confirmed that the currently detected source IP is an attacker, the currently detected source IP is written into the blacklist and the blacklist duration is configured; if an IP in the blacklist is matched, all packets are dropped directly. The dynamic rate limiting check is based on dynamic rate limiting rules, which specifically involve performing sliding window rate limiting on source IPs marked as alarm states, maintaining the packet arrival time sequence of each IP within the sliding window, and discarding excess packets if the packet count within the sliding window exceeds the rate limiting packet quantity threshold.

[0011] Furthermore, the step of inputting the packet-level dataset from the multi-source fusion dataset into the lightweight packet-level pre-detection model for real-time classification inference to obtain preliminary classification results specifically includes: Real-time classification and reasoning are performed based on a lightweight package-level pre-detection model; The lightweight two-layer LSTM model structure of the lightweight packet-level predetection model is specifically as follows: by stacking two layers of LSTM units, both of which have undergone lightweight processing. The first layer of LSTM units includes 48 units for extracting local features, and the second layer of LSTM units includes 24 units for capturing global dependencies. The lightweight processing includes structural pruning, normalization, and lightweight bottleneck mapping. The two layers of LSTM units also include regularization and dropout mechanisms to suppress overfitting. The lightweight two-layer LSTM model structure is arranged in a modular order, specifically comprising an input perturbation suppression module, a two-layer temporal encoding and aggregation module, a bottleneck mapping module, and a classification output module. The two-layer temporal encoding and aggregation module is based on two LSTM layers: the first LSTM layer performs temporal encoding, and the second LSTM layer performs aggregation and compression. A normalization layer is inserted between the first and second LSTM layers. The specific algorithm for the lightweight two-layer LSTM model structure is as follows: , , in, Represents sequence samples, This represents the feature of the T-th sequence sample. Indicates the length of the sliding window. Table feature dimensions, This represents the output probability distribution of a lightweight two-layer LSTM model. express Normalization function, and These represent the weights and biases of the fully connected layer, respectively. This represents the hidden state output of the last LSTM time step. Indicates the output category; The lightweight packet-level predetection model's TFLite lightweight framework specifically involves training and then quantizing the lightweight two-layer LSTM model structure using the TFLite lightweight framework, constructing a representative dataset from the training set sequence for calibration, estimating the intermediate activation distribution and determining the quantization parameters, and then quantizing and executing the weights and main operators in INT8 form using full integer quantization, and constraining the inference graph to use TFLite's built-in INT8 operator set. The TFLite lightweight framework is based on quantization and dequantization, and the specific algorithms for quantization and dequantization are as follows: , , , , in, Represents an 8-bit integer field. This represents a slice, and x represents a floating-point tensor. Indicates the scale factor. Represents zero point. and These represent the minimum and maximum values ​​of an 8-bit integer field, respectively. This represents an approximate restored value. and These represent the maximum and minimum values ​​of the dynamic range of the activation tensor, respectively. Real-time classification inference includes sliding window feature construction and INT8 full integer quantization inference; Sliding window feature construction is performed by maintaining a fixed-length sliding window buffer for each source IP address. Whenever a sliding window is received from a source... When a new packet is generated, the new packet is pushed into the corresponding buffer. When the number of packets in the buffer reaches the length of the sliding window buffer, the 10-dimensional packet header features of all packets in the buffer are extracted to construct the input matrix. Then, INT8 full integer quantization inference is performed to obtain the posterior probability vector. The specific algorithm for obtaining the posterior probability vector is as follows: , in, Represents the posterior probability vector. express Normalization function, Represents zero point. Indicates the total number of classes. Represents the class ordinal number. Indicates the first The probability vector of the class; The posterior probability vector is passed to the probability confidence orchestration engine; When the buffer is insufficient and the initial packet of the source IP does not meet the buffer length, making it impossible to perform real-time classification inference, a conservative strategy is adopted. Specifically, the packet is marked as BENIGN and allowed to pass, while packet data continues to accumulate until it is sufficient for real-time classification inference.

[0012] Furthermore, the step of making scheduling decisions based on the primary classification results specifically includes: The confidence metric and threat score are calculated based on the posterior probability vector. The specific algorithms for the confidence metric and threat score are as follows: , , in, This represents a confidence level measure. and Let represent the posterior probability vectors with the highest and second-highest probabilities, respectively. Indicate threat score, Represents the benign posterior probability vector; Source address suspicion tracking is performed based on exponential moving averages. The specific algorithm for source address suspicion tracking is as follows: , in, Indicates the level of suspicion. Represents the smoothing coefficient. Indicates an update; Routing decisions are made using a dual-threshold routing algorithm. Specifically, when the confidence metric is greater than or equal to the confidence allow threshold and the category is benign, it is considered high-confidence and normal, and the route is directly allowed. When the threat score is greater than or equal to the threat block threshold and the category is not benign, it is considered a high-threat attack, and the route is directly blocked and added to the blacklist. When the suspicion status is greater than or equal to the suspicion escalation threshold or the confidence metric is less than the uncertain alarm threshold, it is considered to have excessively high cumulative suspicion or extremely low confidence, and deep detection is performed. All other cases are considered to be of medium risk, and rate limits are applied while the system is continuously monitored.

[0013] Furthermore, the step of inputting the stream-level dataset from the multi-source fusion dataset into the stream-level depth detection model for depth detection processing to obtain the final prediction result specifically includes: , , , , , , , in, Represents sequence samples, This represents the feature of the T-th sequence sample. Indicates the length of the sliding window. Representing feature dimension, The input sequence of the input coding layer after normalization of the representation layer. Presentation layer normalization processing, This represents the global characteristics of the output of a fully connected branch. and These represent the weights and biases of the fully connected mapping, respectively. Represents a non-linear activation function. This represents the local features output by a one-dimensional convolution branch. Represents one-dimensional convolution. Represents the gate vector, This represents the Sigmoid activation function. and These represent the weights and biases of the gating map, respectively. Indicates adaptive fusion features, This represents the adaptive fusion feature after regularization. This represents element-wise multiplication. Indicates disposal; The specific algorithm for the temporal modeling layer of the flow-level depth detection model is as follows: , , , , , , , , , , , in, This represents the input sequence of the time series modeling layer. Indicates the dimension of the hidden features. The first layer after normalization The input sequence of the layer, Represents the temporal modeling layer. The input sequence of the layer, This represents the output features of the multi-head self-attention branch. This indicates that the focus is on the individual's attention. This represents the output feature of a one-dimensional convolution with a kernel size of 3. This represents a one-dimensional convolution with a kernel size of 3. This represents the output feature of a one-dimensional convolution with a kernel size of 5. This indicates a one-dimensional convolution with a kernel size of 5. This represents the fused output features of multi-scale convolutional branches. Indicates the first The layer's gate vector, and They represent the first The weights and biases of the layer gating map, Indicates the first Hybrid temporal representation of layers, Indicates residual connection output. Indicates feedforward boosted output. Indicates a feedforward network. Represents the temporal modeling layer. The input sequence of the layer; The specific algorithm for the classification decision layer of the stream-level depth detection model is as follows: , , , , , , , in, This represents the input sequence of the classification decision layer. This represents the input features of the classification decision layer. The input sequence of the classification decision layer after normalization is represented. This represents the output of the global average pooling path. This represents the ordinal number of the input features for the classification decision layer. This represents the input feature of the g-th classification decision layer. This represents the output of the global max pooling path. This indicates that the hidden state of the last position in the input sequence is preserved. This represents the hidden state of the last position in the input sequence. Representing the prototype, This represents the classification output of the flow-level depth detection model. and These represent the projection weight matrix and the bias, respectively. The confusion-aware loss function of the stream-level depth detection model is as follows: , in, This represents the confusion-perceived loss function. Represents the balance coefficient. A parameter indicating the difficulty of classification. Indicates the focus parameter, Indicates a confusion penalty item, and These represent the true category and the obfuscated category, respectively. This indicates a collection of confused categories. Represents the true category index. This represents the probability of being identified as a confusing category. Indicates an indicator function; The specific steps of deep detection processing include: Online flow aggregation is performed. This online flow aggregation is based on an online flow aggregation module, which maintains an active flow record table using a 5-tuple as the key. The 5-tuple includes the source IP, destination IP, source port, destination port, and protocol number. Flows are terminated according to idle timeout or active timeout policies. For each terminated flow, a calculation is performed. dimensional features, the The dimensional features include 64-dimensional numerical features and 15-dimensional categorical features; The flow window is constructed and preprocessed. The input of the flow-level depth detection model is a flow window of fixed length. When the number of flow records completed by online flow aggregation reaches the length of the flow window, the nearest flow is taken to form the input window. The number of the nearest flow is based on the length of the flow window. If the number of flows is less than the length of the flow window, the zero feature vector is used for left padding to ensure that at least one real flow exists before inference is triggered. right Preprocessing of 3D features; The numerical features are subjected to logarithmic normalization. The specific algorithm for logarithmic normalization is as follows: , in, This represents the numerical characteristics after logarithmic normalization. Representing numerical characteristics, and They represent the first The minimum value and range of the numerical feature; One-hot encoding of category features is performed based on frequency coding mapping; Preprocessed The dimensional features are encapsulated as TensorFlow tensors for inference to obtain the final prediction results.

[0014] Furthermore, the step of performing closed-loop feedback based on the final prediction result specifically includes: The attack confirmation feedback is as follows: when the final prediction result determines that it is an attack, the current target source IP is added to the blacklist of dynamic rules and a duration is set. The suspicion of the exponential moving average is then set to 1.0 to directly block all subsequent packets from the current target source IP. The normal confirmation feedback specifically means that when the final prediction result is determined to be benign, the rate limit of the current target source IP is removed, and the suspicion of the current target source IP is reduced according to the attenuation coefficient.

[0015] This invention proposes a three-stage cascaded IPv6 DDoS attack detection and protection system based on deep learning, comprising: The data acquisition module is used to acquire a multi-source fusion dataset, which includes a packet-level dataset and a stream-level dataset. The first-stage detection and protection module is used for filtering and detection protection based on dynamic rules, including blacklist dynamic maintenance rules, whitelist dynamic maintenance rules, and dynamic rate limiting rules. The second-stage detection and protection module is used to input the packet-level dataset from the multi-source fusion dataset into the lightweight packet-level pre-detection model for real-time classification inference and to obtain the initial classification results. The lightweight packet-level pre-detection model is based on the lightweight TFL-LSTM model, which includes a lightweight two-layer LSTM model structure and the TFLite lightweight framework. The real-time classification inference includes sliding window feature construction and INT8 full integer quantization inference. The scheduling decision module is used to make scheduling decisions based on the primary classification results. The scheduling decision is based on a probability confidence orchestration engine. The scheduling decision includes calculating confidence metrics, calculating threat scores, tracking source address suspicion, and making routing decisions. The source address suspicion tracking is based on exponential moving average, and the routing decision is based on a dual-threshold routing decision algorithm. The third-stage detection and protection module is used to input the streaming-level dataset from the multi-source fusion dataset into the streaming-level deep detection model for deep detection processing to obtain the final prediction result. The streaming-level deep detection model is based on the CAHM-FT model, which includes a preprocessing layer, an input encoding layer, a temporal modeling layer, and a classification decision layer. The input encoding layer is based on a hybrid gated encoding mechanism, the temporal modeling layer is based on a cross-scale temporal hybrid structure, and the classification decision layer is based on an enhanced attention classification head and a confusion-aware loss function. The deep detection processing includes online stream aggregation and stream window construction and preprocessing. The closed-loop feedback module is used to perform closed-loop feedback based on the final prediction result. The closed-loop feedback includes attack confirmation feedback and normal confirmation feedback.

[0016] The present invention also provides a storage medium that stores one or more programs, which, when executed by a processor, implement the three-stage cascaded IPv6 DDoS attack detection and protection method based on deep learning as described above.

[0017] The present invention also provides a computer device, the computer device including a memory and a processor, wherein: The memory is used to store computer programs; When the processor executes the computer program stored in the memory, it implements the three-stage cascaded IPv6 DDoS attack detection and protection method based on deep learning as described above.

[0018] The beneficial effects of this invention are as follows: (1) Balancing detection accuracy and efficiency: Through a hierarchical and cascaded detection architecture, while ensuring high detection accuracy, the average detection delay is controlled at the millisecond level to meet real-time protection requirements.

[0019] (2) Adapting to edge deployment scenarios: Through model lightweighting and quantization compression technology, the detection system can achieve a processing throughput of 10,000 packets per second on edge devices with 4 core CPUs and 8GB memory.

[0020] (3) Improve the accuracy of easily confused category identification: In response to the feature similarity problem of UDP reflection attacks, the F1 value of easily confused category detection is improved by more than 10% by using the improved FlowTransformer model and the confusion-aware loss function.

[0021] (4) Achieve adaptive defense closed loop: Through the probability confidence orchestration engine and dynamic rule update mechanism, the system can automatically update the defense rules after detecting an attack, thus achieving an automated closed loop of "detection-decision-defense". Attached Figure Description

[0022] Figure 1 The flowchart shows the three-stage cascaded IPv6 DDoS attack detection and protection method based on deep learning proposed in the first embodiment of the present invention. Figure 2 This is a schematic diagram of the structure of the three-stage cascaded IPv6 DDoS attack detection and protection system based on deep learning proposed in the second embodiment of the present invention; Figure 3 This is an overview diagram of the three-stage cascaded detection architecture proposed in the first embodiment of the present invention; Figure 4 This is a diagram of the TFL-LSTM model framework proposed in the first embodiment of the present invention; Figure 5 This is a diagram of the depth detection framework of the CAHM-FT model proposed in the first embodiment of the present invention; Figure 6 This is a schematic diagram of the closed-loop structure proposed in the first embodiment of the present invention.

[0023] The following detailed description, in conjunction with the accompanying drawings, will further illustrate the present invention. Detailed Implementation

[0024] To facilitate understanding of the present invention, a more complete description will be given below with reference to the accompanying drawings. Several embodiments of the invention are illustrated in the drawings. However, the invention can be implemented in many different forms and is not limited to the embodiments described herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete.

[0025] It should be noted that when a component is said to be "fixed to" another component, it can be directly on the other component or there may be an intervening component. When a component is said to be "connected to" another component, it can be directly connected to the other component or there may be an intervening component. The terms "vertical," "horizontal," "left," "right," and similar expressions used in this document are for illustrative purposes only.

[0026] Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention pertains. The terminology used herein in the description of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. The term "and / or" as used herein includes any and all combinations of one or more of the associated listed items.

[0027] Please see Figure 1 The diagram shows a flowchart of the three-stage cascaded IPv6 DDoS attack detection and protection method based on deep learning proposed in the first embodiment of the present invention. This three-stage cascaded IPv6 DDoS attack detection and protection method based on deep learning includes steps S01 to S06, wherein: Step S01: Obtain the multi-source fusion dataset; It should be noted that in this embodiment, the multi-source fusion dataset includes packet-level datasets and stream-level datasets. When building and training the model, in response to the scarcity of IPv6 sample datasets, a multi-source fusion dataset containing three heterogeneous types is constructed: attack samples are generated by converting CIC-DDoS2019 native IPv4 attack traffic into simulated IPv6 attack traffic through NAT4to6; normal samples are generated by native IPv6 traffic in the real environment of the campus network and high-throughput streaming traffic captured in the Zerotier IPv6 networking scenario.

[0028] To adapt to edge deployment requirements, a packet-level feature extraction method is adopted, extracting 26-dimensional fields from the IPv6 basic header and TCP / UDP / ICMPv6 header from the PCAP file. After standardization, labeling, data preprocessing, and feature selection, a packet-level dataset is constructed. To meet the requirements of high-precision deep detection, a stream-level feature extraction method is adopted, extracting 79-dimensional statistical features including stream duration, byte distribution, and packet interval using CICFlowMeter. After standardization, labeling, data preprocessing, and feature selection, a stream-level dataset is constructed.

[0029] Building a package-level dataset includes: Step 1, Packet-level feature extraction: During feature extraction, the first 24 bytes of the fixed header in the PCAP file are skipped, and the specific packets are parsed. Each packet consists of two parts: a packet header and packet data. The packet header is fixed at 16 bytes and contains timestamp and length information. The packet length is obtained through the length information in the header, thus determining the byte position of the next packet and enabling segmentation between packets. Features extracted from the header include: 8 basic header features, including but not limited to ipv6_flow, ipv6_plen, ipv6_hlim, etc.; 13 transport layer features, including but not limited to tcp_srcport, tcp_hdr_len, tcp_checksum, udp_srcport, udp_dstport, udp_length, udp_checksum, etc.; and 5 network layer features, including but not limited to icmpv6_type, icmpv6_code, icmpv6_checksum, etc., defining feature dimensions as follows: Indicate, and set the initial value to .

[0030] The second step is standardization and dataset labeling: To ensure alignment of data from different protocols and sources within the same feature space, a unified zero-padding strategy was adopted for missing fields, and the features and timestamps of each data packet were written into a structured CSV file, completing the standardized construction of packet-level header features. For dataset labeling, attack traffic was labeled with the corresponding attack type, while normal traffic was uniformly labeled as benign. Subsequently, sampling was controlled according to a preset normal / attack ratio and a single-class sample upper limit, merging multi-source data to generate a multi-source fused packet-level feature dataset for model training and evaluation.

[0031] The third step is to handle class imbalance in the dataset: The constructed package-level feature dataset exhibits a degree of class imbalance, with significant differences in the sample size across different attack categories. Therefore, this invention employs a class-weighted loss strategy during the model training phase. Specifically, an inversely proportional weight is automatically calculated based on the actual frequency of each category in the training set, ensuring that rarer categories receive a higher loss contribution during gradient backpropagation, thereby mitigating the model's bias towards the majority class.

[0032] Building a streaming dataset specifically includes: Step 1, Stream-level feature extraction: The CICFlowMeter tool reads raw PCAP traffic files, identifies bidirectional flows based on information such as source address, destination address, source port, destination port, and protocol, and automatically calculates multi-dimensional statistical characteristics such as flow duration, number of forward and backward packets, number of bytes, packet length distribution, packet arrival time interval, TCP flag count, and active / idle time, completing flow reassembly and statistical feature extraction. Flow records extracted from attack traffic files are labeled according to the corresponding attack type, while flow records extracted from normal traffic files are uniformly labeled as BENIGN. To ensure the consistency of time logic after merging multi-source traffic, timestamps also need to be cleaned and normalized.

[0033] The second step is standardization and dataset labeling: The labels of stream-level samples inherit from their source traffic. Stream records extracted from attack traffic files are labeled according to the corresponding attack type, while stream records extracted from normal traffic files are uniformly labeled as BENIGN. To ensure the consistency of time logic after merging multi-source traffic, timestamps also need to be cleaned and normalized. Following the stream-level feature dataset construction process, a stream-level feature dataset for multi-classification tasks is formed based on a unified encoding format, unified label fields, and unified time order.

[0034] The third step is to handle class imbalance in the dataset: The constructed flow-level feature dataset shows a balanced sample size across attack categories (LDAP, MSSQL, NETBIOS, SYN, UDP), each containing 50,000 records. However, the normal traffic category (BENIGN) has only 5,263 records, accounting for 2.06% of the total dataset, representing a 9.5:1 gap in sample size between the attack categories. This distribution characteristic reflects, to some extent, the concentrated outbreaks of DDoS attack traffic in real-world network environments, but it also introduces a significant class imbalance problem. Therefore, this invention constructs a confusion-aware loss function in the high-precision detection model to improve the model's ability to identify minority classes and its accuracy in distinguishing similar attack types.

[0035] Step S02: Perform filtering and detection protection processing based on dynamic rules; It should be noted that in this embodiment, the dynamic rules include blacklist dynamic maintenance rules, whitelist dynamic maintenance rules, and dynamic rate limiting rules. The filtering, detection, and protection processing based on dynamic rules is executed according to the priority order, which is whitelist matching, blacklist matching, dynamic rate limiting check, and allow. The whitelist matching is based on the dynamic whitelist maintenance rules. Specifically, the dynamic whitelist maintenance rules are as follows: maintain a set of trusted IPs, which are used to mark infrastructure nodes. The infrastructure nodes include the gateway's own address and DNS server. If an IP in the whitelist is matched, the connection is unconditionally allowed. The blacklist matching is based on the blacklist dynamic maintenance rules. Specifically, the blacklist dynamic maintenance rules are as follows: maintain a mapping table of source IP expiration time; when feedback information is received and it is confirmed that the currently detected source IP is an attacker, the currently detected source IP is written into the blacklist and the blacklist duration is configured; if an IP in the blacklist is matched, all packets are dropped directly. The dynamic rate limiting check is based on dynamic rate limiting rules, which specifically involve performing sliding window rate limiting on source IPs marked as alarm states, maintaining the packet arrival time sequence of each IP within the sliding window, and discarding excess packets if the packet count within the sliding window exceeds the rate limiting packet quantity threshold.

[0036] Stage 1, a rapid filtering and protection system based on dynamic rules, is the first line of defense in the detection pipeline. Its goal is to intercept known malicious traffic and clearly abnormal behavior with minimal computational overhead, while allowing trusted traffic. Stage 1's inspection logic is executed in priority order: whitelist matching → blacklist matching → rate limit check → allow. Single packet processing involves only hash table lookups and counter operations, with latency on the order of microseconds. The rule set for Stage 1 is not statically configured but dynamically updated by the Probabilistic Confidence Orchestration Engine (PCE) based on the detection results from downstream stages, forming a closed-loop feedback loop of "detection → rules → filtering."

[0037] Step S03: Input the packet-level dataset from the multi-source fusion dataset into the lightweight packet-level pre-detection model to perform real-time classification inference and obtain preliminary classification results; It should be noted that in this embodiment, the lightweight packet-level pre-detection model is based on the lightweight TFL-LSTM model, which includes a lightweight two-layer LSTM model structure and the TFLite lightweight framework. The real-time classification inference includes sliding window feature construction and INT8 full integer quantization inference, and real-time classification inference is performed based on the lightweight packet-level pre-detection model. In this embodiment, the TFL-LSTM packet-level lightweight predetection framework is constructed in four parts during model building and training: data preprocessing, feature selection, lightweight LSTM model construction, and lightweight TFL-LSTM model construction. For details on the TFL-LSTM packet-level lightweight predetection framework, please refer to [link to relevant documentation]. Figure 4 ; Data preprocessing specifically includes: Without preprocessing, the package-level feature dataset obtained by multi-source fusion exhibits significant heterogeneity and noise. Therefore, data preprocessing is required. The preprocessing steps are as follows: (1) Removal of Leaking Fields: Fields that may cause "feature leakage" are explicitly removed, including source / destination MAC and IPv6 addresses (eth_src, eth_dst, ipv6_src, ipv6_dst), attack_type, packet_type, and traffic_source. Among them, attack_type, packet_type, and traffic_source are meta-annotation fields manually added during the dataset construction phase and are not protocol fields carried in the original PCAP packet header. attack_type records the specific subtype of the attack, packet_type annotates the protocol category of the packet, and traffic_source marks the source of the data. The above fields are written into CSV during the dataset fusion and annotation phase and have a direct semantic mapping relationship with the final classification label. If they are retained for training, the model will memorize the annotation rules instead of learning protocol behavior features, thus generating artificially high test scores. After the removal is completed, the feature dimension F of the model input is determined by the number of feature columns finally retained; under the lightweight setting, if feature selection is further performed, F is based on the number of columns of the filtered feature subset.

[0038] (2) Numerical transformation and missing data cleaning: Numerical transformation is performed on all feature columns and timestamp fields, and outliers that cannot be parsed are uniformly set as missing values, and sample rows with incomplete features or timestamps are deleted; at the same time, records with missing labels are removed to ensure the effectiveness of supervised learning samples and the consistency of input type.

[0039] (3) Block reading and sample size control: In order to adapt to large-scale data processing, this invention adopts block streaming to read the dataset and samples and sets upper limits by category when needed, so as to maintain the availability and stability of the category distribution as much as possible while controlling the training overhead.

[0040] (4) Stratified partitioning and time sorting: In terms of data partitioning, this invention uses stratified sampling to divide the data into training set, validation set and test set to ensure that the proportion of each category in the three parts of data is basically consistent; at the same time, the data is sorted by timestamp within each subset to provide consistent time order constraints for subsequent time series modeling.

[0041] (5) Sliding Window Sequence Construction: For the input format of LSTM, this paper constructs fixed-length sequence samples within each category using a sliding window mechanism in chronological order. Let the time window length be... (i.e., the SEQ_LEN hyperparameter), and uses a fixed step size (default is half the window length, i.e.) This invention generates overlapping sequences, thereby converting the original "single-packet samples" into "short temporal fragments," enhancing the model's ability to characterize local temporal patterns. The invention sets the window length to... The step size is 2. The window length is selected in... In the comparative experiment, A good balance is achieved between multi-class classification accuracy and computational cost; an excessively short window ( It is difficult to capture the persistent patterns of attack traffic, and the window is too long. Introducing redundant time steps and increasing sequence construction overhead under package-level features; step size is set to... This approach ensures sequence diversity while keeping sample expansion within a reasonable range. Furthermore, considering that this invention employs single-packet granular statistical features (rather than flow-level aggregation features), the short window design better suits the low-latency requirements of real-time packet-by-packet detection. During the sliding window sequence construction process, the number of sequence samples... Data sorted by time from the training / validation / test subsets in a given The number of sliding windows that can be generated is determined by the step size.

[0042] After the above processing, the sample is finally in the shape of The sequence tensor form is used as input to the model for training and evaluation of the TFL-LSTM model.

[0043] Feature selection specifically includes: To reduce model input dimensionality, computational overhead, and improve real-time deployment feasibility, this invention selects IPv6 packet header features based on the feature importance evaluation results of ExtraTrees. The feature selection process is as follows: First, the ExtraTrees model is trained on the training set to obtain the importance scores of each feature and sort them in descending order; then, the cumulative importance is calculated; next, features whose cumulative importance reaches a preset threshold are selected; finally, features whose cumulative importance is not greater than the threshold are selected. The former One feature, among which This constitutes the final feature subset.

[0044] The cumulative importance threshold is set to τ=0.92. This threshold has been widely used in feature compression tasks in the field of intrusion detection and has a good engineering practice basis.

[0045] To avoid the problem of insufficient model expressive power due to too few features in certain data distributions, this invention sets a minimum retention constraint: if the number of features selected according to the threshold is less than 10, then the top 10 features in terms of importance are retained for subsequent model training.

[0046] Among the original 26 candidate features, after being fitted on the training set by ExtraTrees, they were filtered according to the cumulative importance threshold τ=0.92. Since the number of features that met the condition did not reach the minimum retention constraint (10), the top 10 features in terms of importance were finally restricted to the constraint. These features are: ipv6_hlim, udp_srcport, ipv6_flow, udp_length, ipv6_plen, udp_dstport, udp_checksum, tcp_hdr_len, tcp_srcport, and tcp_checksum. The total cumulative importance of these 10 features is approximately 93.96%.

[0047] The aforementioned retained features are all low-overhead, extractable fields in the IPv6 / TCP / UDP packet headers, which can be obtained online without deep packet inspection, meeting the lightweight requirements of real-time deployment. Among them, the ipv6_hlim (hop count limit) and udp_srcport (UDP source port) fields together contribute over 55% of the discriminative information. This highly aligns with typical characteristics of DDoS attack traffic: attack packets typically exhibit abnormal TTL distribution characteristics, and reflected DDoS attacks (such as MSSQL, NETBIOS, LDAP, and UDP amplification attacks) often use specific protocol ports, making the port number field highly discriminative. Ultimately, feature selection compresses the input dimension from 26 to F=10, corresponding to a sequence tensor input shape of (N,T,F)=(N,5,10), reducing the feature dimension by approximately 61.5% while retaining the vast majority of discriminative information.

[0048] The lightweight two-layer LSTM model is constructed as follows: The dual-layer LSTM baseline structure achieves hierarchical sequence modeling by stacking two layers of LSTM units: the first layer (64 units) extracts local features, and the second layer (32 units) captures global dependencies. While it possesses strong feature abstraction capabilities and a large model capacity, capable of handling complex sequence modeling tasks, its doubled parameter size makes it prone to overfitting. Therefore, this invention performs lightweight processing on the dual-layer LSTM baseline structure, including structural pruning to reduce the loop layer width (the first LSTM layer is reduced to 48 units, and the second LSTM layer to 24 units), introducing normalization and lightweight bottleneck mapping, and combining regularization and dropout mechanisms to suppress overfitting. This significantly reduces the model's parameter size and inference latency while maintaining temporal representation capabilities. After structural pruning, a lightweight dual-layer LSTM model structure based on Keras / TensorFlow (FP32 (float32)) is obtained.

[0049] The lightweight LSTM network structure consists of the following modules in sequence: input perturbation suppression (Spatial Dropout 1D), two-layer temporal encoding and aggregation (corresponding to two LSTM layers: the first layer performs temporal encoding (output sequence), and the second layer performs aggregation compression (output single vector), with Layer Normalization inserted in between for training stability), bottleneck mapping (Dense 24-dimensional ReLU), and classification output (first Dropout, then Softmax classification layer). Starting with the construction of the input sequence, the design motivation, key hyperparameters, and their impact on model lightweighting and classification performance will be explained layer by layer.

[0050] This model framework is a typical "sequence-to-category" approach, suitable for quickly identifying network attack behavior patterns within a short time window. By using consecutive packet sequences as input, the model can capture local contextual dependencies, thereby achieving efficient identification of anomalies or specific categories.

[0051] (2) Structural pruning and lightweighting strategy Compared to the baseline two-layer LSTM, the structural pruning method implemented in this paper can significantly reduce the number of model parameters and computational complexity without introducing attention mechanisms or deep stacked structures, while maintaining the ability to model short temporal dependencies.

[0052] First, Spatial Dropout 1D (rate=0.1) is introduced at the input end to uniformly and randomly deactivate the input sequence along the feature channel dimension, so as to suppress excessive reliance on a single header field.

[0053] Subsequently, the first LSTM layer is configured with 48 hidden units and outputs the hidden states of the entire sequence to extract temporal context information within a short time window. Furthermore, this layer incorporates L2 regularization (λ=10).-4 The first layer uses L2 regularization and a small dropout ratio (0.15 / 0.08) to reduce the model complexity while maintaining necessary discriminative power. The second LSTM layer further compresses the number of hidden units to 24 and outputs a sequence-level representation, achieving aggregation and compression of temporal information within the window. This layer also uses L2 regularization and a small dropout ratio (0.15 / 0.08) to improve training stability. Layer Normalization is introduced between the two LSTM layers to normalize the hidden state at each time step, mitigating the impact of distribution drift on gradient updates. Furthermore, a 24-dimensional fully connected bottleneck layer (ReLU activation) is introduced to perform non-linear remapping of sequence-level features to compensate for the decrease in representation power caused by structural pruning. The L1–L2 joint regularization constrains the weight scale, which is beneficial for subsequent model quantization and deployment.

[0054] Finally, after suppressing feature co-adaptation with Dropout (0.25), multi-class prediction is completed using the Softmax output layer. Given the relatively small sequence length (e.g., T=5) in the experiments of this invention, unroll=True is enabled in the recurrent layer to expand the recurrent computation into a static computation graph, further improving training and inference efficiency within acceptable memory overhead and meeting the engineering requirements of real-time detection.

[0055] The lightweight TFL-LSTM model is constructed as follows: To meet the constraints of real-time pre-detection on model size, memory usage, and inference latency, this invention further introduces TFLite for post-training quantization on top of the lightweight LSTM model. Quantization (PTQ) is used to construct a lightweight TFL-LSTM model: In the PTQ scenario, a representative dataset is sampled from the training set sequence for calibration, the intermediate activation distribution is estimated and the quantization parameters (scale / zero-point) are determined. Then, Full Integer Quantization (FIQ) is used to quantize the weights and main operators in INT8 form, and the inference graph is constrained to use the INT8 built-in operator set of TFLite. This significantly reduces the model storage overhead and improves the edge inference efficiency while maintaining accuracy as much as possible.

[0056] The core of TFLite quantization lies in: converting floating-point tensors... By compressing the data into a finite bit-width integer space through linear mapping, storage and computation costs are reduced. This invention implements FIQ using TFLite's default affine transformation. For any floating-point tensor... Define the scale factor With zero point Map it to an 8-bit integer field (INT8 is usually) ) Scale factor Controlling the mapping precision from floating-point values ​​to integer representation, zero point Used to achieve zero-value alignment, thereby reducing quantization bias. In the PTQ scenario, quantization parameters are not obtained through retraining, but are determined in forward statistics based on calibration on a representative dataset. For the activation tensor... According to its dynamic range Calculate the quantization parameters; The PTQ calibration process described above aims to approximate the true inference distribution with limited sample coverage, thereby reducing the accuracy loss caused by discretization. The PTQ process inevitably introduces discretization errors, primarily from: quantization parameter estimation errors (the representative dataset fails to fully cover the dynamic range of activation values) and saturation truncation errors (activation values ​​exceed...). The invention addresses the issues of forced truncation of the range and differences in the implementation of floating-point operators versus integer operators. To resolve these problems, the invention employs the following measures: First, it enables `experimental_new_quantizer=True` to call the new generation TFLite quantization engine, which improves upon the old version in operator fusion and quantization parameter propagation, reducing the accumulation of quantization errors between layers. Second, it uses an explicit quantization / dequantization process during the inference phase. Specifically, the FP32 input is quantized to INT8 according to the formula and then fed into the model. The output is then dequantized to floating-point logits according to the formula, and argmax is obtained, instead of relying on implicit conversion at runtime, thus ensuring the consistency of quantization parameters. Third, the inference timing uses a strategy of two warm-up rounds followed by multiple rounds of timing to obtain the optimal value, eliminating abnormal delays introduced by JIT compilation or cache misses during the first inference iteration, and ensuring the reliability of delay measurement results.

[0057] FIQ requires weights, activations, and intermediate features to be represented within the INT8 domain. The multiply-accumulate process is boosted to a higher bit width (e.g., int32) to avoid overflow, and then recalibrated back to the INT8 output. Taking a linear transform as an example, its integer implementation can be summarized as integer multiplication-accumulation after removing zeros, and mapped to the output quantization domain according to the scaling relationship. Quantization errors mainly originate from rounding errors, saturation truncation errors, and differences in the implementation of floating-point operators versus integer operators. Therefore, the coverage of representative datasets and the rationality of quantization parameters determine the effectiveness of PTQ.

[0058] The specific algorithm flow of the lightweight packet-level pre-detection model is as follows (FIQ quantization after TFLite training): Input: Floating-point model Training set Test set ; Number of calibration samples INT8 operator set ; Output: Quantization model Precision indicators ( Unit inference delay ; 1. From sampling construct representative datasets ; 2. Use right Perform PTQ calibration and constrain the operator as follows: ; 3. Generate and export the FIQ model (Both inputs and outputs are INT8); 4. Loading Read input / output quantization parameters , ; 5. According to the formula Quantized to INT8 input; 6. Run the inference (preheating is possible) to obtain the INT8 output. ; 7. Output according to the formula Inverse quantization is used to obtain prediction results; 8. Calculation , And statistically analyze the inference delay per unit sample. ; 9. END; The specific algorithm flow of the lightweight packet-level pre-detection model is presented, outlining the TFLite training post-training FIQ quantization and evaluation process for the LSTM model described above. The core idea is to construct a representative dataset using the training set sequence, run several forward passes during transformation / quantization to estimate the numerical range / distribution of activations at each layer, thereby determining the quantization parameters (scale, zero point) to calibrate the intermediate activation distribution. Under the condition of no further training, the model weights and main operator activations are mapped from FP32 to INT8, and the inference graph is forced to use only TFLite's built-in INT8 operator set. After transformation, the quantization parameters of the input / output tensors are read through TFLiteInterpreter, the test set input is quantized to INT8, and the INT8 output obtained from inference is dequantized to floating-point logits, thereby calculating metrics such as accuracy and macro-average F1. Simultaneously, preheating and multiple rounds of timing are used to minimize the time consumed, obtaining the unit sample inference latency for quantizing the performance comparison between the front-end and back-end.

[0059] This paper uses an equal-interval uniform sampling method to construct a representative dataset RepGen from the training set sequences: Let the total number of training set sequences be... The sampling interval is Take the index in sequence No more than the sequence samples at the location were extracted. Each sample has the following shape: Each sample is fed into the converter for forward calibration.

[0060] Step S04: Make scheduling decisions based on the primary classification results; It should be noted that in this embodiment, the scheduling decision is based on a probabilistic confidence orchestration engine. The scheduling decision includes calculating a confidence metric, calculating a threat score, tracing the source address suspicion, and making a routing decision. The source address suspicion tracing is based on an exponential moving average, and the routing decision is based on a dual-threshold routing decision algorithm. The confidence metric and threat score are calculated based on the posterior probability vector. The specific algorithms for the confidence metric and threat score are as follows: , , in, This represents a confidence level measure. and Let represent the two posterior probability vectors with the highest probability, respectively. Indicate threat score, Represents the benign posterior probability vector; Source address suspicion tracking is performed based on exponential moving averages. The specific algorithm for source address suspicion tracking is as follows: , in, Indicates the level of suspicion. Represents the smoothing coefficient. Indicates an update; Routing decisions are made using a dual-threshold routing algorithm. Specifically, when the confidence metric is greater than or equal to the confidence allow threshold and the category is benign, it is considered high-confidence and normal, and the route is directly allowed. When the threat score is greater than or equal to the threat block threshold and the category is not benign, it is considered a high-threat attack, and the route is directly blocked and added to the blacklist. When the suspicion status is greater than or equal to the suspicion escalation threshold or the confidence metric is less than the uncertain alarm threshold, it is considered to have excessively high cumulative suspicion or extremely low confidence, and deep detection is performed. All other cases are considered to be of medium risk, and rate limits are applied while the system is continuously monitored.

[0061] In this embodiment, four hyperparameters are involved: confidence level release threshold. Uncertain alarm threshold Threat blocking threshold Suspicion escalation threshold The values ​​of these thresholds need to be calibrated based on the probability output distribution characteristics of the real-time classification inference of the Stage 2 lightweight packet-level pre-detection model. In this invention, due to the use of INT8 quantized inference, the probability distribution of the model output is relatively concentrated, and each threshold is set as follows: , , , .

[0062] Step S05: Input the streaming-level dataset from the multi-source fusion dataset into the streaming-level depth detection model to perform depth detection processing and obtain the final prediction result; It should be noted that in this embodiment, the stream-level depth detection model is based on the CAHM-FT model. The CAHM-FT model includes a preprocessing layer, an input encoding layer, a temporal modeling layer, and a classification decision layer. The input encoding layer is based on a hybrid gating encoding mechanism, the temporal modeling layer is based on a cross-scale temporal hybrid structure, and the classification decision layer is based on an enhanced attention classifier head and a confusion-aware loss function. The depth detection processing includes online stream aggregation, stream window construction, and preprocessing. For the specific depth detection framework of the CAHM-FT model in this embodiment, please refer to [link to relevant documentation]. Figure 5 ; In this embodiment, the construction of the CAHM-FT stream-level depth detection model is as follows: To address the shortcomings of the baseline FlowTransformer in feature representation, temporal pattern characterization, and discrimination of easily confused attack categories, this invention proposes an improved model, CAHM-FT, for deep detection tasks targeting IPv6 DDoS attacks. It still follows the main workflow of "preprocessing, input encoding, temporal modeling, and classification decision," but with systematic enhancements to the core modeling stage. First, using a multi-source fused flow-level feature dataset as input, after standardization preprocessing and sequence window construction, traffic samples are represented as flow-level sequences with contextual relationships. Then, a hybrid gating encoding mechanism is introduced at the input representation layer to jointly model global statistical information and local pattern information in the original traffic features. At the temporal modeling layer, a cross-scale temporal hybrid structure is constructed to simultaneously capture long-range dependencies and short-term burst features of attack behavior. At the classification decision layer, an enhanced classification head is used to aggregate key sequence information, and an confusion-aware loss function is combined to impose additional constraints on easily confused categories. Through the above design, CAHM-FT forms a closed-loop improvement path from input representation to discrimination optimization.

[0063] The input presentation layer introduces a hybrid gated coding mechanism; To address the limitation of the baseline FlowTransformer in modeling heterogeneous flow features during the input representation stage, this invention designs a hybrid gated input encoding mechanism to enhance the model's representation capability for multi-source fused flow-level feature datasets. The core idea of ​​this mechanism is to simultaneously introduce a global mapping branch and a local pattern extraction branch at the input layer, and adaptively fuse the two types of feature representations through a gating unit, thereby constructing a sequence representation that takes into account both global semantic information and local variation patterns. Compared to the baseline model's approach of directly inputting preprocessed flow features into the time-series module, this mechanism can achieve more comprehensive feature reconstruction at the input stage, providing a more discriminative representation foundation for subsequent deep time-series modeling.

[0064] Building upon this, this invention constructs a Dense fully connected branch and a Conv1D one-dimensional convolutional branch to extract input features from different perspectives. The main function of the Dense fully connected branch is to uniformly project the traffic features at each time step, thereby extracting a high-dimensional representation at the global semantic level. The Conv1D one-dimensional convolutional branch is used to capture the change patterns of the input sequence within its local neighborhood. Since one-dimensional convolution can perceive the local correlation between adjacent traffic records in the time dimension, this branch is more suitable for extracting short-term burst patterns, continuous abnormal fluctuations, and local statistical change features in attack traffic. For IPv6 DDoS attacks, these local patterns often correspond to key detection clues such as traffic surges, abnormal port behavior, or abrupt protocol interactions.

[0065] To achieve effective fusion of the two types of representations, this invention further designs a gating unit that adaptively calculates the contribution weights of different branches based on input features. The gating unit proposed in this invention can dynamically allocate weights between the global mapping result and the local convolution result based on the semantic characteristics of the current input features. When the model relies more on overall statistical features at a certain moment, it will increase the contribution of the Dense branch; when it relies more on local pattern changes at a certain moment, it will enhance the role of the Conv1D branch. Through this adaptive fusion method, the input encoder can flexibly adjust its representation strategy under different traffic conditions, thereby enhancing its adaptability to complex attack behaviors.

[0066] To further suppress overfitting and enhance the model's generalization ability, the fused representation can be regularized using Dropout. Thus, the hybrid gated input encoding mechanism completes the initial transformation from the original flow-level features to the deep sequence representation.

[0067] Construct a cross-scale temporal modeling module in the temporal modeling layer; To address the shortcomings of the baseline FlowTransformer in recognizing local burst patterns during complex attack sequence modeling, this invention incorporates a cross-scale temporal modeling module in the temporal feature extraction stage. This module takes the sequence representation output from a hybrid gated input encoder as input, simultaneously constructing a global dependency modeling branch and a local pattern extraction branch within each layer. It then adaptively fuses these two types of temporal information through a gating mechanism, thereby achieving a joint characterization of the multi-scale dynamic features of attack traffic. Its design goal is to simultaneously capture the long-range correlations, short-term bursts, and medium-range pattern changes of IPv6 DDoS traffic over time, enabling the model to possess stronger temporal discrimination capabilities in complex multi-classification scenarios.

[0068] Based on this, the module extracts temporal features from the perspectives of global dependency and local pattern.

[0069] The first path is a multi-head self-attention branch, used to model the global correlation between different positions in the sequence. This branch can adaptively measure the correlation between different traffic records through attention weights, thereby uncovering long-range dependencies in the attack sequence. For IPv6 DDoS attacks, such global dependencies are usually reflected as the continuous accumulation and coordinated changes of distributed abnormal traffic over time. Therefore, the self-attention mechanism can effectively enhance the model's ability to perceive global temporal semantics.

[0070] The second path is a multi-scale convolutional branch used to extract local change patterns in the sequence. To enhance the modeling ability of temporal features under different receptive fields, this invention uses two one-dimensional convolutions with different kernels to model the input in parallel. Furthermore, the convolutional results at the two scales are fused to obtain a local temporal representation. This design enables the model to capture sudden changes in traffic within a shorter neighborhood and perceive the expansion of local patterns over a wider time range, thus better adapting to the dynamic fluctuations of DDoS attacks at different time scales. To achieve adaptive synergy between global dependency information and local pattern information, this invention further introduces a gating fusion mechanism. This mechanism can adaptively adjust the contribution ratio of the self-attention branch and the convolutional branch according to the semantic features of the input sequence at different stages. When the attack pattern is more dependent on the global context, the gating mechanism will enhance the role of the attention branch; when local abnormal fluctuations are more discriminative, the contribution of the convolutional branch will be increased. Thus, the model can achieve dynamic fusion of multi-scale temporal information within a unified framework. After branch fusion, the module uses residual connections to retain the original temporal information and alleviate the gradient degradation problem in deep network training. Layer normalization is performed again, and the nonlinear expression capability is further enhanced through a feedforward network. Through the hierarchical structure of "normalization-branch modeling-gated fusion-residual update-feedforward enhancement", the cross-scale temporal modeling module can gradually extract the temporal discriminative features in the sequence at a deeper level.

[0071] A prototype attention-based classification head design is adopted at the classification decision layer; After completing input representation enhancement and cross-scale temporal modeling, the model needs to further compress the sequence features into a fixed-length representation suitable for classification. The baseline FlowTransformer uses a Last Token classification head, which only utilizes the hidden state at the end of the sequence as the overall window representation. This underutilizes the key information contained in non-end positions of the sequence, easily leading to the neglect of some statistically valuable semantics during compression. To address this issue, this invention designs a prototype attention classification head that aggregates information at different levels in the sequence through a combination of multi-path pooling and feature fusion, thereby constructing a more robust classification representation. To reduce the impact of differences in feature distribution at different time positions on the aggregation process, the sequence output is first subjected to layer normalization. The normalized sequence features are then fed into three paths: global average pooling, global max pooling, and end-position extraction, to obtain complementary sequence summary information.

[0072] The first path uses global average pooling to characterize the overall statistical trend of the entire sequence over time. It can reflect the average response of the overall behavior of the sequence and is suitable for describing the stable patterns and global statistical characteristics of attack traffic throughout the window.

[0073] The second path employs global max pooling to extract the most significant activation response in the sequence. This path focuses more on the strongest local abnormal response in the sequence, thus highlighting important patterns such as sudden changes in traffic and local abnormal peaks, which is of great significance for identifying short-term high-intensity behaviors in DDoS attacks.

[0074] The third path preserves the hidden state of the last position in the sequence. This representation inherits the idea of ​​the Last Token classification head in the baseline FlowTransformer, and can complement the first two global pooling features while preserving the end-of-sequence context features. Since the end-of-sequence features usually contain certain contextual dependency information after the preceding time-series modeling, they still have strong discriminative value.

[0075] After obtaining the three types of sequence summary representations, this invention concatenates them along the feature dimension to construct a unified prototype representation. Simultaneously, it integrates overall trend information, local peak information, and terminal context information, enabling a more comprehensive description of the discriminative features of the input sequence. Subsequently, the concatenated result is compressed and nonlinearly transformed through a fully connected mapping to obtain the final classification features. To further suppress overfitting and improve the model's generalization ability, this invention introduces Dropout regularization after projection to obtain the final prototype feature representation used for classification.

[0076] Construct a confusion-aware loss function to optimize the objective; The baseline FlowTransformer is trained using standard cross-entropy loss, which lacks specific constraints on misclassification relationships between easily confused categories. To address this issue, this invention constructs a confusion-aware loss function in CAHM-FT, improving the model's ability to identify class boundaries in complex multi-class scenarios through a joint approach of "hard sample reinforcement + easily confused category-oriented penalty." To enhance the model's focus on hard-classified samples, this invention introduces a Focal Loss mechanism, enabling the model to pay more attention to hard samples near class boundaries during training.

[0077] While Focal Loss can enhance learning on difficult samples, its focus remains on the sample difficulty itself, without explicitly utilizing structural confusion information between categories. Considering the stable misclassification patterns among certain class pairs in multi-class attack detection, this invention further constructs a confusion penalty term to impose targeted constraints on pre-identified easily confused class pairs. For any sample, if its true class belongs to the starting class of a certain confusion pair, a penalty is imposed on its predicted probability on the corresponding confusion class. This term directly suppresses the model's probability allocation on incorrectly confused classes when the true class belongs to the easily confused set, thereby driving the model to learn clearer class discrimination boundaries. From an optimization mechanism perspective, this loss function acts on two levels simultaneously: first, by enhancing the model's attention to difficult-to-classify and boundary samples through Focal Loss, it alleviates training bias caused by class imbalance or differences in sample difficulty; second, by explicitly suppressing the model's probability allocation to specific incorrect classes through the confusion penalty term, it enables the model to develop more targeted discrimination capabilities among known highly confused class pairs. The construction of the confusion-aware loss function embodies the core improvement of CAHM-FT at the objective optimization level. By combining a hard sample focusing mechanism with a class-pair penalty mechanism, the model not only enhances its learning ability for complex attack samples but also implements explicit suppression of specific easily confused classes. This design, together with the hybrid gating input encoding mechanism, the cross-scale temporal modeling module, and the prototype attention classification head, constitutes the complete methodological system of CAHM-FT. In general, the design philosophy of CAHM-FT can be summarized as "enhancing input representation with hybrid encoding, strengthening temporal awareness with cross-scale modeling, and optimizing classification discrimination with confusion awareness." This framework is not a partial patch to the baseline FlowTransformer but rather, while maintaining its sequence modeling backbone, it jointly improves the input layer, feature extraction layer, and target optimization layer, forming a deep detection framework for IPv6 DDoS multi-class detection tasks.

[0078] Step S06: Perform closed-loop feedback based on the final prediction results; It should be noted that in this embodiment, the closed-loop feedback includes attack confirmation feedback and normal confirmation feedback. Specifically, the attack confirmation feedback is as follows: when the final prediction result is determined to be an attack category, the current target source IP is added to the blacklist of dynamic rules and a duration is set. Then, the suspicion of the exponential moving average is set to 1.0 to directly block all subsequent packets from the current target source IP. The normal confirmation feedback specifically means that when the final prediction result is determined to be benign, the rate limit of the current target source IP is removed, and the suspicion of the current target source IP is reduced according to the attenuation coefficient.

[0079] Please refer to the three-stage cascaded detection architecture in this embodiment. Figure 3 For the closed-loop structure of detection-decision-feedback, please refer to [link / reference]. Figure 6 ; Please see Figure 2 The diagram shows a schematic representation of the three-stage cascaded IPv6 DDoS attack detection and protection system based on deep learning proposed in the second embodiment of the present invention. The system includes: Data acquisition module 10 is used to acquire a multi-source fusion dataset, which includes a packet-level dataset and a stream-level dataset; The first-stage detection and protection module 20 is used for filtering and detection protection processing based on dynamic rules, including blacklist dynamic maintenance rules, whitelist dynamic maintenance rules, and dynamic rate limiting rules. The second-stage detection and protection module 30 is used to input the packet-level dataset from the multi-source fusion dataset into the lightweight packet-level pre-detection model for real-time classification inference and to obtain the initial classification result. The lightweight packet-level pre-detection model is based on the lightweight TFL-LSTM model, which includes a lightweight two-layer LSTM model structure and the TFLite lightweight framework. The real-time classification inference includes sliding window feature construction and INT8 full integer quantization inference. The scheduling decision module 40 is used to make scheduling decisions based on the primary classification results. The scheduling decision is based on a probability confidence orchestration engine. The scheduling decision includes calculating confidence metrics, calculating threat scores, tracking source address suspicion, and making routing decisions. The source address suspicion tracking is based on exponential moving average, and the routing decision is based on a dual-threshold routing decision algorithm. The third-stage detection and protection module 50 is used to input the stream-level dataset from the multi-source fusion dataset into the stream-level deep detection model for deep detection processing to obtain the final prediction result. The stream-level deep detection model is based on the CAHM-FT model, which includes a preprocessing layer, an input encoding layer, a temporal modeling layer, and a classification decision layer. The input encoding layer is based on a hybrid gated encoding mechanism, the temporal modeling layer is based on a cross-scale temporal hybrid structure, and the classification decision layer is based on an enhanced attention classification head and a confusion-aware loss function. The deep detection processing includes online stream aggregation and stream window construction and preprocessing. The closed-loop feedback module 60 is used to perform closed-loop feedback based on the final prediction result. The closed-loop feedback includes attack confirmation feedback and normal confirmation feedback.

[0080] The present invention also proposes a computer storage medium storing one or more programs, which, when executed by a processor, implement the above-described deep learning-based three-stage cascaded IPv6 DDoS attack detection and protection method.

[0081] The present invention also proposes a computer device, including a memory and a processor, wherein the memory is used to store computer programs, and the processor is used to execute the computer programs stored in the memory to implement the above-mentioned three-stage cascaded IPv6 DDoS attack detection and protection method based on deep learning.

[0082] Those skilled in the art will understand that the logic and / or steps represented in the flowchart or otherwise described herein, for example, can be considered as a sequenced list of executable instructions for implementing logical functions, and can be embodied in any computer-readable medium for use by, or in conjunction with, an instruction execution system, apparatus, or device (such as a computer-based system, a processor-included system, or other system that can fetch and execute instructions from, an instruction execution system, apparatus, or device). For the purposes of this specification, "computer-readable medium" can mean any means that can contain stored, communicated, propagated, or transmitted programs for use by, or in conjunction with, an instruction execution system, apparatus, or device.

[0083] More specific examples of computer-readable media (a non-exhaustive list) include: electrical connections (electronic devices) having one or more wires, portable computer disk drives (magnetic devices), random access memory (RAM), read-only memory (ROM), erasable and editable read-only memory (EPROM or flash memory), fiber optic devices, and portable optical disc read-only memory (CDROM). Furthermore, computer-readable media can even be paper or other suitable media on which the program can be printed, because the program can be obtained electronically, for example, by optically scanning the paper or other medium, followed by editing, interpreting, or otherwise processing as necessary, and then stored in computer memory.

[0084] It should be understood that various parts of the present invention can be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, multiple steps or methods can be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, it can be implemented using any one or a combination of the following techniques known in the art: discrete logic circuits having logic gates for implementing logical functions on data signals, application-specific integrated circuits (ASICs) having suitable combinational logic gates, programmable gate arrays (PGAs), field-programmable gate arrays (FPGAs), etc.

[0085] In the description of this specification, references to terms such as "one embodiment," "some embodiments," "example," "specific example," or "some examples," etc., indicate that a specific feature, structure, material, or characteristic described in connection with that embodiment or example is included in at least one embodiment or example of the invention. In this specification, the illustrative expressions of the above terms do not necessarily refer to the same embodiment or example. Furthermore, the specific features, structures, materials, or characteristics described may be combined in any suitable manner in one or more embodiments or examples.

[0086] The embodiments described above are merely illustrative of several implementations of the present invention, and while the descriptions are specific and detailed, they should not be construed as limiting the scope of the present invention. It should be noted that those skilled in the art can make various modifications and improvements without departing from the concept of the present invention, and these modifications and improvements all fall within the scope of protection of the present invention. Therefore, the scope of protection of this patent should be determined by the appended claims.

Claims

1. A three-stage cascaded IPv6 DDOS attack detection and protection method based on deep learning, characterized in that, include: Obtain a multi-source fusion dataset, which includes packet-level datasets and stream-level datasets; Filtering and detection protection are performed based on dynamic rules, which include dynamic blacklist maintenance rules, dynamic whitelist maintenance rules, and dynamic rate limiting rules. The packet-level dataset from the multi-source fusion dataset is input into the lightweight packet-level pre-detection model for real-time classification inference to obtain preliminary classification results. The lightweight packet-level pre-detection model is based on the lightweight TFL-LSTM model, which includes a lightweight two-layer LSTM model structure and the TFLite lightweight framework. The real-time classification inference includes sliding window feature construction and INT8 full integer quantization inference. Scheduling decisions are made based on the initial classification results. The scheduling decisions are based on a probability confidence orchestration engine and include calculating confidence metrics, calculating threat scores, tracking source address suspicion, and making routing decisions. The source address suspicion tracking is based on exponential moving averages, and the routing decisions are based on a dual-threshold routing decision algorithm. The streaming-level dataset from the multi-source fusion dataset is input into the streaming-level deep detection model for deep detection processing to obtain the final prediction result. The streaming-level deep detection model is based on the CAHM-FlowTransformer model, which includes a preprocessing layer, an input encoding layer, a temporal modeling layer, and a classification decision layer. The input encoding layer is based on a hybrid gated encoding mechanism, the temporal modeling layer is based on a cross-scale temporal hybrid structure, and the classification decision layer is based on an enhanced attention classification head and a confusion-aware loss function. The deep detection processing includes online stream aggregation and stream window construction and preprocessing. A closed-loop feedback is performed based on the final prediction result, which includes attack confirmation feedback and normal confirmation feedback.

2. The three-stage cascaded deep learning-based IPv6 DDOS attack detection and protection method according to claim 1, characterized in that, The steps for filtering, detection, and protection based on dynamic rules specifically include: The filtering and detection protection process based on dynamic rules is executed according to the priority order, which is as follows: whitelist matching, blacklist matching, dynamic rate limit check, and allow. The whitelist matching is based on the dynamic whitelist maintenance rules. Specifically, the dynamic whitelist maintenance rules are as follows: maintain a set of trusted IPs, which are used to mark infrastructure nodes. The infrastructure nodes include the gateway's own address and DNS server. If an IP in the whitelist is matched, the connection is unconditionally allowed. The blacklist matching is based on the blacklist dynamic maintenance rules. Specifically, the blacklist dynamic maintenance rules are as follows: maintain a mapping table of source IP expiration time; when feedback information is received and it is confirmed that the currently detected source IP is an attacker, the currently detected source IP is written into the blacklist and the blacklist duration is configured; if an IP in the blacklist is matched, all packets are dropped directly. The dynamic rate limiting check is based on dynamic rate limiting rules, which specifically involve performing sliding window rate limiting on source IPs marked as alarm states, maintaining the packet arrival time sequence of each IP within the sliding window, and discarding excess packets if the packet count within the sliding window exceeds the rate limiting packet quantity threshold. 3.The deep learning based three-stage cascaded IPv6 DDOS attack detection and prevention method of claim 1, wherein, The step of inputting the packet-level dataset from the multi-source fusion dataset into a lightweight packet-level pre-detection model for real-time classification inference and obtaining preliminary classification results specifically includes: Real-time classification and reasoning are performed based on a lightweight package-level pre-detection model; The lightweight two-layer LSTM model structure of the lightweight packet-level predetection model is specifically as follows: by stacking two layers of LSTM units, both of which have undergone lightweight processing. The first layer of LSTM units includes 48 units for extracting local features, and the second layer of LSTM units includes 24 units for capturing global dependencies. The lightweight processing includes structural pruning, normalization, and lightweight bottleneck mapping. The two layers of LSTM units also include regularization and dropout mechanisms to suppress overfitting. The lightweight two-layer LSTM model structure is arranged in a modular order, specifically comprising an input perturbation suppression module, a two-layer temporal encoding and aggregation module, a bottleneck mapping module, and a classification output module. The two-layer temporal encoding and aggregation module is based on two LSTM layers: the first LSTM layer performs temporal encoding, and the second LSTM layer performs aggregation and compression. A normalization layer is inserted between the first and second LSTM layers. The specific algorithm for the lightweight two-layer LSTM model structure is as follows: , , wherein, denotes a sequence sample, denotes a Tth sequence sample feature, denotes a sliding window length, denotes a feature dimension, denotes an output probability distribution of the lightweight two-layer LSTM model, denotes a normalization function, and denote weights and biases of a fully connected layer, respectively, denotes a hidden state output of the last LSTM time step, denotes an output class; The lightweight packet-level predetection model's TFLite lightweight framework specifically involves training and then quantizing the lightweight two-layer LSTM model structure using the TFLite lightweight framework, constructing a representative dataset from the training set sequence for calibration, estimating the intermediate activation distribution and determining the quantization parameters, and then quantizing and executing the weights and main operators in INT8 form using full integer quantization, and constraining the inference graph to use TFLite's built-in INT8 operator set. The TFLite lightweight framework is based on quantization and dequantization, and the specific algorithms for quantization and dequantization are as follows: , , , , in, Represents an 8-bit integer field. This represents a slice, and x represents a floating-point tensor. Indicates the scale factor. Represents zero point. and These represent the minimum and maximum values ​​of an 8-bit integer field, respectively. This represents an approximate restored value. and These represent the maximum and minimum values ​​of the dynamic range of the activation tensor, respectively. Real-time classification inference includes sliding window feature construction and INT8 full integer quantization inference; Sliding window feature construction is performed by maintaining a fixed-length sliding window buffer for each source IP address. Whenever a sliding window is received from a source... When a new packet is generated, the new packet is pushed into the corresponding buffer. When the number of packets in the buffer reaches the length of the sliding window buffer, the 10-dimensional packet header features of all packets in the buffer are extracted to construct the input matrix. Then, INT8 full integer quantization inference is performed to obtain the posterior probability vector. The specific algorithm for obtaining the posterior probability vector is as follows: , in, This represents the posterior probability vector. express Normalization function, Represents zero point. Indicates the total number of classes. Represents the class ordinal number. Indicates the first The probability vector of the class; The posterior probability vector is passed to the probability confidence orchestration engine; When the buffer is insufficient and the initial packet of the source IP does not meet the buffer length, making it impossible to perform real-time classification inference, a conservative strategy is adopted. Specifically, the packet is marked as BENIGN and allowed to pass, while packet data continues to accumulate until it is sufficient for real-time classification inference.

4. The method for detecting and protecting against three-stage cascaded IPv6 DDoS attacks based on deep learning according to claim 1, characterized in that, The step of making scheduling decisions based on the primary classification results specifically includes: The confidence metric and threat score are calculated based on the posterior probability vector. The specific algorithms for the confidence metric and threat score are as follows: , , in, This represents a confidence level measure. and Let represent the posterior probability vectors with the highest and second-highest probabilities, respectively. Indicates threat score, Represents the benign posterior probability vector; Source address suspicion tracking is performed based on exponential moving averages. The specific algorithm for source address suspicion tracking is as follows: , in, Indicates the level of suspicion. Represents the smoothing coefficient. Indicates an update; Routing decisions are made using a dual-threshold routing algorithm. Specifically, when the confidence metric is greater than or equal to the confidence allow threshold and the category is benign, it is considered high-confidence and normal, and the route is directly allowed. When the threat score is greater than or equal to the threat block threshold and the category is not benign, it is considered a high-threat attack, and the route is directly blocked and added to the blacklist. When the suspicion status is greater than or equal to the suspicion escalation threshold or the confidence metric is less than the uncertain alarm threshold, it is considered to have excessively high cumulative suspicion or extremely low confidence, and deep detection is performed. All other cases are considered to be of medium risk, and rate limits are applied while the system is continuously monitored.

5. The method for detecting and protecting against three-stage cascaded IPv6 DDoS attacks based on deep learning according to claim 1, characterized in that, The step of inputting the stream-level dataset from the multi-source fusion dataset into the stream-level depth detection model for depth detection processing to obtain the final prediction result specifically includes: The specific algorithm for the input encoding layer of the stream-level depth detection model is as follows: , , , , , , , in, Represents sequence samples, This represents the feature of the T-th sequence sample. Indicates the length of the sliding window. Representing feature dimension, The input sequence of the input coding layer after normalization of the representation layer. Presentation layer normalization processing, This represents the global characteristics of the output of a fully connected branch. and These represent the weights and biases of the fully connected mapping, respectively. Represents a non-linear activation function. This represents the local features output by a one-dimensional convolution branch. Represents one-dimensional convolution. Represents the gate vector, This represents the Sigmoid activation function. and These represent the weights and biases of the gating map, respectively. Indicates adaptive fusion features, This represents the adaptive fusion feature after regularization. This represents element-wise multiplication. Indicates disposal; The specific algorithm for the temporal modeling layer of the flow-level depth detection model is as follows: , , , , , , , , , , , in, This represents the input sequence of the time series modeling layer. Indicates the dimension of the hidden features. The first layer after normalization The input sequence of the layer, Represents the temporal modeling layer. The input sequence of the layer, This represents the output features of the multi-head self-attention branch. This indicates that the focus is on the individual's attention. This represents the output feature of a one-dimensional convolution with a kernel size of 3. This represents a one-dimensional convolution with a kernel size of 3. This represents the output feature of a one-dimensional convolution with a kernel size of 5. This indicates a one-dimensional convolution with a kernel size of 5. This represents the fused output features of multi-scale convolutional branches. Indicates the first The layer's gate vector, and They represent the first The weights and biases of the layer gating mapping, Indicates the first Hybrid temporal representation of layers, Indicates residual connection output. Indicates feedforward enhancement output. Indicates a feedforward network. Represents the temporal modeling layer. The input sequence of the layer; The specific algorithm for the classification decision layer of the stream-level depth detection model is as follows: , , , , , , , in, This represents the input sequence of the classification decision layer. This represents the input features of the classification decision layer. The input sequence of the classification decision layer after normalization is represented. This represents the output of the global average pooling path. This represents the ordinal number of the input features for the classification decision layer. This represents the input feature of the g-th classification decision layer. This represents the output of the global max pooling path. This indicates that the hidden state of the last position in the input sequence is preserved. This represents the hidden state of the last position in the input sequence. Representing the prototype, This represents the classification output of the flow-level depth detection model. and These represent the projection weight matrix and the bias, respectively. The confusion-aware loss function of the stream-level depth detection model is as follows: , in, This represents the confusion-perceived loss function. Represents the balance coefficient. A parameter indicating the difficulty of classification. Indicates the focus parameter, Indicates a confusion penalty item, and These represent the true category and the obfuscated category, respectively. This indicates a collection of confused categories. Represents the true category index. This represents the probability of being identified as a confusing category. Indicates an indicator function; The specific steps of deep detection processing include: Online flow aggregation is performed. This online flow aggregation is based on an online flow aggregation module, which maintains an active flow record table using a 5-tuple as the key. The 5-tuple includes the source IP, destination IP, source port, destination port, and protocol number. Flows are terminated according to idle timeout or active timeout policies. For each terminated flow, a calculation is performed. dimensional features, the The dimensional features include 64-dimensional numerical features and 15-dimensional categorical features; The flow window is constructed and preprocessed. The input of the flow-level depth detection model is a flow window of fixed length. When the number of flow records completed by online flow aggregation reaches the length of the flow window, the nearest flow is taken to form the input window. The number of the nearest flow is based on the length of the flow window. If the number of flows is less than the length of the flow window, the zero feature vector is used for left padding to ensure that at least one real flow exists before inference is triggered. right Preprocessing of 3D features; The numerical features are subjected to logarithmic normalization. The specific algorithm for logarithmic normalization is as follows: , in, This represents the numerical characteristics after logarithmic normalization. Representing numerical characteristics, and They represent the first The minimum value and range of the numerical feature; One-hot encoding of category features is performed based on frequency coding mapping; Preprocessed The dimensional features are encapsulated as TensorFlow tensors for inference to obtain the final prediction results.

6. The method for detecting and protecting against three-stage cascaded IPv6 DDoS attacks based on deep learning according to claim 1, characterized in that, The step of performing closed-loop feedback based on the final prediction result specifically includes: The attack confirmation feedback is as follows: when the final prediction result determines that it is an attack, the current target source IP is added to the blacklist of dynamic rules and a duration is set. Then, the suspicion of the exponential moving average is set to 1.0 to directly block all subsequent packets from the current target source IP. The normal confirmation feedback specifically means that when the final prediction result is determined to be benign, the rate limit of the current target source IP is removed, and the suspicion of the current target source IP is reduced according to the attenuation coefficient.

7. A three-stage cascaded IPv6 DDoS attack detection and protection system based on deep learning, characterized in that, include: The data acquisition module is used to acquire a multi-source fusion dataset, which includes a packet-level dataset and a stream-level dataset. The first-stage detection and protection module is used for filtering and detection protection based on dynamic rules, including blacklist dynamic maintenance rules, whitelist dynamic maintenance rules, and dynamic rate limiting rules. The second-stage detection and protection module is used to input the packet-level dataset from the multi-source fusion dataset into the lightweight packet-level pre-detection model for real-time classification inference and to obtain the initial classification results. The lightweight packet-level pre-detection model is based on the lightweight TFL-LSTM model, which includes a lightweight two-layer LSTM model structure and the TFLite lightweight framework. The real-time classification inference includes sliding window feature construction and INT8 full integer quantization inference. The scheduling decision module is used to make scheduling decisions based on the primary classification results. The scheduling decision is based on a probability confidence orchestration engine. The scheduling decision includes calculating confidence metrics, calculating threat scores, tracking source address suspicion, and making routing decisions. The source address suspicion tracking is based on exponential moving average, and the routing decision is based on a dual-threshold routing decision algorithm. The third-stage detection and protection module is used to input the stream-level dataset from the multi-source fusion dataset into the stream-level deep detection model for deep detection processing to obtain the final prediction result. The stream-level deep detection model is based on the CAHM-FlowTransformer model, which includes a preprocessing layer, an input encoding layer, a temporal modeling layer, and a classification decision layer. The input encoding layer is based on a hybrid gating encoding mechanism, the temporal modeling layer is based on a cross-scale temporal hybrid structure, and the classification decision layer is based on an enhanced attention classification head and a confusion-aware loss function. The deep detection processing includes online stream aggregation and stream window construction and preprocessing. The closed-loop feedback module is used to perform closed-loop feedback based on the final prediction result. The closed-loop feedback includes attack confirmation feedback and normal confirmation feedback.

8. A storage medium, characterized in that, The storage medium stores one or more programs that, when executed by a processor, implement the deep learning-based three-stage cascaded IPv6 DDoS attack detection and protection method as described in any one of claims 1-7.

9. A computer device, characterized in that, The computer device includes a memory and a processor, wherein: The memory is used to store computer programs; When the processor executes the computer program stored in the memory, it implements the three-stage cascaded IPv6 DDoS attack detection and protection method based on deep learning as described in any one of claims 1-7.