Abstract
The availability of SD-AIoT is currently under complicated and serious cyber threats, especially Low-rate Denial-of-Service attacks. However, traditional defense schemes for such attacks with characteristics of high concealability and periodicity suffer from serious challenges with high detection difficulty, low accuracy of detection models, and inefficiency of mitigation approaches. In this paper, one novel cooperative defense scheme against hybrid LDoS attacks is proposed, which consists of a timely-response hardware-based Renyi Entropy edge checkpoint intent detection algorithm, the high-precision detection mechanism based on a hybrid deep learning model, and a Markov-chain-based differential rate-limiting mitigation strategy. The detection algorithm deployed at the edge checkpoint activates a hybrid CNN-RF-based deep learning model after filtering the intent information of the flows to detect which are malicious LDoS flows with high accuracy, where the multi-stage detection scheme not only extracts and learns the hidden features of the flow data, but also has better representation capabilities. Enhanced dynamic threshold-based whitelisting automatically adapts to the real-time state of the network environment to improve mitigation flexibility. Markov chain-based differential rate-limiting mitigation strategy reduces the packet loss error rate to mitigate network attacks promptly and ensures the continuation of network services. The results of several comparative experiments show that the proposed scheme detects LDoS attacks more accurately and mitigates them more effectively than traditional schemes.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.