Existing intrusion detection and defense models for CPSS (Cyber-Physical-Social Systems) are based on analyzing static intrusion characteristics, which cannot effectively detect large-scale Low-Rate Denial-of-Service (LR-DDoS) attacks, especially in the edge environment. In this paper, we first explore and enhance the Mirai botnet into a sophisticated multi-target low-rate TCP attack network, which makes edge LR-DDoS more powerful and obfuscates its activity. We then develop a novel hybrid intrusion detection and defense method for the above CPSS LR-DDoS scenario in the edge environment, which takes advantage of locality-sensitive feature extraction and a Deep Convolution Neural Network (DCNN) to automatically learn the optimal features of the original data distribution, and employs a deep reinforcement learning Q-network as the powerful decision maker to defend against attacks. The experimental results in the detection phase prove that the proposed method can distinguish abnormal network attack flows with higher detection accuracy and faster response time than kinds of Support Vector Machines (SVM), K-means, Surface Learning Neural Network, etc. Moreover, it has a certain detection rate for unknown new attacks, which means the method is effective and suitable for the actual network environment. The experimental results in the defense phase prove that it can defend against LR-DDoS attacks smoothly.
INDEX TERMS: Deep convolution neural network, Q learning, deep reinforcement learning, edge computing, LR-DDoS, CPSS.
Cyber-physical cloud systems (CPCSs) offer powerful capability in provisioning complicated industrial services. Due to the advances of machine learning in attack detection, a wide range of machine-learning applications are involved in industrial CPCSs. However, how to ensure the implementation efficiency of these applications, while avoiding the privacy disclosure of the datasets due to data acquisition by different operators, remains challenging for the design of CPCSs. To fill this gap, a privacy-aware deployment method, named PDM, is devised for hosting machine-learning applications in industrial CPCSs. In PDM, the machine-learning applications are partitioned into multiple computing tasks with a certain execution order, like workflows. Specifically, the deployment problem is formulated as a multi-objective problem for improving the implementation performance and resource utility. Then the most balanced and optimal strategy is selected by leveraging an improved differential evolution technique. Finally, through comprehensive experiments and comparison analysis, PDM is fully evaluated.
The low-rate Distributed DoS (LDDoS) attack is a complex large-scale attack behavior with strong time-domain characteristics in blockchain-based wireless networks. Blockchain combined with machine learning-based models is a promising way to detect such attacks and secure wireless networks. However, researchers have focused on how to improve models' detection performance and work out new blockchain-based protection technologies during the past decades. Due to a lack of evolving data, these models and technologies may have poor stability in the face of adversarial samples. To cope with this problem, this paper proposes a novel LSTM-CGAN method to generate high-quality LDDoS adversarial samples for blockchain-based wireless network detection models. In this method, we first give a brief feature analysis of the LDDoS attack in blockchain-based wireless networks and work out its corresponding time series model. We then make use of Long Short-Term Memory Networks (LSTM) to learn relationships among sequenced network packets in the same flow. Finally, we establish a Conditional Generative Adversarial Network (CGAN) model that uses the above relationships as specific conditions for generating mimicking behaviors of LDDoS attacks in blockchain-based wireless networks. The experimental results show that these generated adversarial samples, based on both public and private datasets, can cheat the machine learning detection models and have similar attack characteristics to the real samples. Consequently, they can be used as a blockchain-based wireless network dataset for training machine learning classifiers to enhance models' stability.