Generating Adversarial DDoS Attacks with CycleGAN Architecture

Abstract

DDoS (Distributed Denial of Service) attacks consist of a large number of compromised computer systems that launch joint attacks at a targeted victim, such as a server, website, or other network equipment, simultaneously. DDoS has become a widespread and severe threat to the integrity of computer networks. DDoS can lead to system paralysis, making it difficult to troubleshoot. As a key building block in the development of an integrated defense system, it is essential to detect DDoS attacks as early as possible. With the popularization of artificial intelligence, more and more researchers apply machine learning (ML) and deep learning (DL) to the detection of DDoS attacks and have achieved satisfactory accomplishments. The complexity and sophistication of DDoS attacks have kept increasing and evolving since the first DDoS attack was reported in 1996. Regarding the headways in this problem, a new type of DDoS attack, named adversarial DDoS attack, is investigated in this study. The generating adversarial DDoS traffic is carried out using a symmetric Generative Adversarial Networks (GAN) architecture called Cycle-GAN to demonstrate the severe impact of adversarial DDoS attacks. Experiment results reveal that the synthesized traffic can easily penetrate ML-based detection systems, including Random Forest, KNN (k-Nearest Neighbor), SVM (Support Vector Machine), and Naïve Bayes. These alarming results intimate the urgent need for countermeasures against adversary DDoS attacks.