AI infers DoS mitigation rules-Reference-Cited by-同舟云学术

AI infers DoS mitigation rules

Published:2022-08-23 Issue:2 Volume:60 Page:305-324
ISSN:0925-9902
Container-title:Journal of Intelligent Information Systems
language:en
Short-container-title:J Intell Inf Syst

Author:

Zadnik Martin^ORCID,Carasec Elena

Abstract

AbstractDDoS attacks still represent a severe threat to network services. While there are more or less workable solutions to defend against these attacks, there is a significant space for further research regarding automation of reactions. In this article, we focus on one piece of the whole puzzle. We strive to automatically infer filtering rules which are specific to the current DoS attack to decrease the time to mitigation. We employ a machine learning technique to create a model of the traffic mix based on observing network traffic during the attack and normal period. The model is subsequently converted into the filtering rules. We evaluate our approach on several datasets. We experiment with various setups of hyperparameters as well as the various intensity of the attack traffic. The results of our experiments show that the proposed approach is feasible in terms of the capability of inferring successful filtering rules as well as inferring them in a reasonable time.

Funder

Ministerstvo Vnitra České Republiky

H2020 Leadership in Enabling and Industrial Technologies

Publisher

Springer Science and Business Media LLC

Subject

Artificial Intelligence,Computer Networks and Communications,Hardware and Architecture,Information Systems,Software

Link

https://link.springer.com/content/pdf/10.1007/s10844-022-00728-2.pdf

Reference46 articles.

1. Akyazı, U., Uyar, A.C. (2010). Detection of ddos attacks via an artificial immune system-inspired multiobjective evolutionary algorithm. In: Proceedings of the 2010 International Conference on Applications of Evolutionary Computation - Volume Part II. EvoCOMNET’10, pp. 1–10. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12242-2-1

2. Belenky, A., & Ansari, N. (2003) IP Traceback with Deterministic Packet Marking. IEEE Communications Letters, 7(4), 162–164. https://doi.org/10.1109/LCOMM.2003.811200.

3. Bremler-barr, A., & Levy, H. (2005). Spoofing prevention method. In Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies (Vol. 1, pp. 536–547). https://doi.org/10.1109/INFCOM.2005.1497921

4. Burbeck, K., & Nadjm-Tehrani, S. (2007). Adaptive real-time anomaly detection with incremental clustering. Information Security Technical Report, 12(1), 56–67. https://doi.org/10.1016/j.istr.2007.02.004

5. CONCORDIA. (2020). DDoS Clearing House designated high potential innovation. Online. https://digital-strategy.ec.europa.eu/en/node/9920/printable/pdf. Accessed 8 Aug 2022.

Cited by 2 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Windower: Feature Extraction for Real-Time DDoS Detection Using Machine Learning;NOMS 2024-2024 IEEE Network Operations and Management Symposium;2024-05-06

2. Editorial: AI meets cybersecurity;Journal of Intelligent Information Systems;2022-12-02