服务拒绝攻击
计算机科学
洪水(心理学)
应用层DDoS攻击
强化学习
计算机安全
特里诺
软件定义的网络
计算机网络
模型攻击
互联网
人工智能
心理学
万维网
心理治疗师
作者
Yandong Liu,Mianxiong Dong,Kaoru Ota,Jianhua Li,Jun Wu
标识
DOI:10.1109/camad.2018.8514971
摘要
Distributed Denial-of-Service (DDoS) flooding attack has remained as one of the most destructive attacks for more than two decades. Although great efforts have been made to design the defense mechanism, it is still difficult to mitigate these attacks in real time smartly and effectively for the reason that attack traffic may mix with benign traffic. Software-Defined Networks (SDN) decouples control and data plane in the network. Its centralized control paradigm and global view of the network bring some new chances to enhance the defense ability against network attacks. In this paper, we propose a deep reinforcement learning based framework, which can smartly learn the optimal mitigation policies under different attack scenarios and mitigate the DDoS flooding attack in real time. This framework is an effective system to defend against a wide range of DDoS flooding attacks such as TCP SYN, UDP, and ICMP flooding. It can intelligently learn the patterns of attack traffic and throttle the attack traffic, while the traffic of benign users is forwarded normally. We compare our proposed framework with a baseline along with a popular state-of-the-art router throttling method. The experimental results show that our approach can outperform both of them in five attacking scenarios with different attack dynamics significantly.
科研通智能强力驱动
Strongly Powered by AbleSci AI