Abstract

The DDoS attack is one of the most notorious attacks, and the severe impact of the DDoS attack on GitHub in 2018 raises the importance of designing effective defense methods for detecting this type of attack. Unlike the traditional network architecture that takes too long to cope with DDoS attacks, we focus on link-flooding attacks that do not directly attack the target. An effective defense mechanism is crucial since as long as a link-flooding attack is undetected, it will cause problems over the Internet. With the flexibility of software-defined networking, we design a novel framework and implement our ideas with a deep learning approach to improve the performance of the previous work. Through rerouting techniques and monitoring network traffic, our system can detect a malicious attack from the adversary. A CNN architecture is combined to assist in finding an appropriate rerouting path that can shorten the reaction time for detecting DDoS attacks. Therefore, the proposed method can efficiently distinguish the difference between benign traffic and malicious traffic and prevent attackers from carrying out link-flooding attacks through bots.

Highlights

  • Various network attacks had caused severe damage to the Internet community in the real-world over recent years [1,2,3,4,5,6]

  • The link-flooding attack is a kind of distributed denial of service (DDoS) attack that does not directly attack the target devices but congests the target link with a large number of low-speed flows to reduce the connectivity between end devices, so it is difficult to detect with the intrusion detection system or firewall

  • It is time-consuming to recalculate the feasible paths for all the source-destination pairs that pass through the target link

Read more

Summary

Introduction

Various network attacks had caused severe damage to the Internet community in the real-world over recent years [1,2,3,4,5,6]. Link flooding attack is one of the most troublesome attacks in modern Internet society [2] It utilizes a large quantity of seemingly normal traffic to congest the target link in the network. Due to the flexible architecture of the software-defined networking (SDN) environment, designing an SDN-based defense mechanism to deal with link-flooding attacks can be a good choice. A state-of-the-art link-flooding attacks defense mechanism, SPIFFY, develops a fast traffic-engineering algorithm to increase the bandwidth of the target link with a binary search procedure [7]. We combine the SDN-based defense mechanism with deep learning methods used to adjust the bandwidth to respond quickly to link-flooding attacks automatically. Our method can efficiently distinguish between benign traffic and malicious traffic, and prevent link flooding attacks through bots

Related Work
Method
5: Install flow rule on switch s
Preprocessing
Model Learning
Experiment
Findings
Conclusions
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call