ABSTRACT
With the development of technology, a new kind of Distributed Denial-of-Service (DDoS) attack, the link-flooding attack (LFA), has been widely used to congest critical network links and paralyze network services. This is mainly because an LFA is easy to implement, obfuscate, and conceal: it launches large-scale, legitimate, low-speed flows to paralyze target network areas. Many solutions have been proposed to detect LFA, but they rely on hand-crafted algorithms and can hardly keep up with the development of self-organizing network structures and emerging network protocols. This study proposes a deep-learning-based LFA defense framework, called DCN (Deep Convolution Network), that applies Convolutional Neural Networks to statistically monitor the network status through end-to-end functionality (input: network status snapshot; output: LFA attack or no attack) without any manual intervention. The experimental results demonstrate that DCN can accurately detect LFA under varying network structures and flow patterns. Furthermore, DCN provides quantitative security risk analysis by using learning time as the control variable, network structure as the independent variable, and time to identify LFA as the dependent variable. The contributions of DCN are (1) providing an autonomic LFA defense framework without any manual intervention, (2) providing an objective and quantitative analytical indicator for evaluating security risk, and (3) allowing cloud computing and Internet of Things companies to focus on their services and leave security defense to DCN.
Index Terms
- Detecting Linking Flooding Attacks using Deep Convolution Network