CPSS LR-DDoS Detection and Defense in Edge Computing Utilizing DCNN Q-Learning

Liu, Zengguang; Yin, Xiaochun; Hu, Yuemei

doi:10.1109/access.2020.2976706

Cited by 59 publications

(31 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For example, an attacker can fool detection systems to gradually accept malicious traffic as normal [7]. We also observe that most anomaly-based approaches for LR-DDoS detection are based on thresholds [8], and one challenge associated with such an approach is the computation of an optimal value for such parameters.…”

Section: Introductionmentioning

confidence: 90%

“…Liu et al [8] explained that traffic volume analysis cannot detect current stealthy low-rate DoS attacks. They then proposed a deep convolution neural network (DCNN) to extract available features automatically, and a Q-Network method (a reinforcement learning algorithm) to detect edge low-rate DoS attacks.…”

Section: Related Workmentioning

confidence: 99%

“…It is also challenging to deploy effective LR-DDoS attack mitigation solutions, in practice [8]. For example, existing solutions may require updating of the router's firmware, which may not be practical in a number of situations.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Flexible SDN-Based Architecture for Identifying and Mitigating Low-Rate DDoS Attacks Using Machine Learning

et al. 2020

View full text Add to dashboard Cite

While there have been extensive studies of denial of service (DoS) attacks and DDoS attack mitigation, such attacks remain challenging to mitigate. For example, Low-Rate DDoS (LR-DDoS) attacks are known to be difficult to detect, particularly in a software-defined network (SDN). Hence, in this paper we present a flexible modular architecture that allows the identification and mitigation of LR-DDoS attacks in SDN settings. Specifically, we train the intrusion detection system (IDS) in our architecture using six machine learning (ML) models (i.e., J48, Random Tree, REP Tree, Random Forest, Multi-Layer Perceptron (MLP), and Support Vector Machines (SVM)) and evaluate their performance using the Canadian Institute of Cybersecurity (CIC) DoS dataset. The findings from the evaluation demonstrate that our approach achieves a detection rate of 95%, despite the difficulty in detecting LR-DoS attacks. We also remark that in our deployment, we use the open network operating system (ONOS) controller running on Mininet virtual machine in order for our simulated environment to be as close to real-world production networks as possible. In our testing topology, the intrusion prevention detection system mitigates all attacks previously detected by the IDS system. This demonstrates the utility of our architecture in identifying and mitigating LR-DDoS attacks. INDEX TERMS DDoS attack mitigation, Low-rate DDoS (LR-DDoS) attacks, Machine learning, Software-defined network (SDN).

show abstract

Section: Introductionmentioning

confidence: 90%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A Flexible SDN-Based Architecture for Identifying and Mitigating Low-Rate DDoS Attacks Using Machine Learning

et al. 2020

View full text Add to dashboard Cite

show abstract

“…However, the proposed approach is limited to specific types of DDoS attacks, and only one dataset was used to test the model. Liu et al [57] proposed a novel mitigation approach in the edge environment to detect large-scale, low-rate DDoS attacks. A deep convolution neural network (DCNN) is used to automatically learn the optimal features of the dataset.…”

Section: Ddos Defense Systems Based On ML Approaches In Traditiomentioning

confidence: 99%

Machine Learning Approaches for Combating Distributed Denial of Service Attacks in Modern Networking Environments

Aljuhani

2021

IEEE Access

View full text Add to dashboard Cite

“…To protect edge-assisted IoT against the aforementioned threats, various security schemes have been proposed [9]. Most of the state-of-art schemes [10][11][12] are based on machine learning techniques to detect malicious behaviors of attackers from normal activities in an autonomous and self-evolving way. Despite the powerful characteristics of machine learning techniques in detecting security threats, their high computational cost is still a serious concern when deployed in edge-assisted IoT.…”

Section: Security-energy Tradeoffmentioning

confidence: 99%

Security in edge-assisted Internet of Things: challenges and solutions

Shen

Zhou

2020

Sci. China Inf. Sci.

View full text Add to dashboard Cite

The flourish of 5th generation wireless systems (5G) network has brought numerous benefits to the Internet of Things (IoT) with universal connectivity, improved data rate, and decreased latency. The development of IoT extends the computation-intensive applications from centralized servers to the edge of the network, promoting the paradigm of edge computing. Edge computing brings great assistance to IoT architecture by efficiently accomplishing tasks with lower latency, less energy consumption and reduced network bandwidth. Edge-assisted IoT emerges to provide location-aware services and offload computational tasks to edge nodes near the IoT devices. However, a series of security challenges still exist in edge-assisted IoT owing to the inherent vulnerabilities of edge nodes and sensitive nature of the collected data. Among the emerging and existing security schemes in IoT applications, security and energy consumption are two overriding yet conflicting requirements. The tradeoff between security and energy is critical to the sustainability of the IoT ecosystem but still lacks sufficient discussion. In this article, we investigate the security challenges in edge-assisted IoT and how the constraints in energy consumption can affect the design of security schemes. Specifically, we firstly present the architecture of edge-assisted IoT and its unique characteristics. Secondly, we identify the security threats in the edge-assisted IoT applications and the security-energy tradeoff during implementation. Thirdly, in a case study of distributed denial of service (DDoS) and malware injection attack, we propose a preliminary solution to address the conflict between security and energy requirements. Finally, we discuss some open issues and identify future research directions for security and energy efficiency in edge-assisted IoT.

show abstract

CPSS LR-DDoS Detection and Defense in Edge Computing Utilizing DCNN Q-Learning

Cited by 59 publications

References 42 publications

A Flexible SDN-Based Architecture for Identifying and Mitigating Low-Rate DDoS Attacks Using Machine Learning

A Flexible SDN-Based Architecture for Identifying and Mitigating Low-Rate DDoS Attacks Using Machine Learning

Machine Learning Approaches for Combating Distributed Denial of Service Attacks in Modern Networking Environments

Security in edge-assisted Internet of Things: challenges and solutions

Contact Info

Product

Resources

About