当前位置:
X-MOL 学术
›
J. Netw. Comput. Appl.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Synchronizing real-time and high-precision LDoS defense of learning model-based in AIoT with programmable data plane, SDN
Journal of Network and Computer Applications ( IF 7.7 ) Pub Date : 2024-06-19 , DOI: 10.1016/j.jnca.2024.103916 Jie Ma , Wei Su , Yikun Li , Yuan Yuan , Ziqing Zhang
Journal of Network and Computer Applications ( IF 7.7 ) Pub Date : 2024-06-19 , DOI: 10.1016/j.jnca.2024.103916 Jie Ma , Wei Su , Yikun Li , Yuan Yuan , Ziqing Zhang
The availability of SD-AIoT is currently under complicated and serious cyber threats, especially Low-rate Denial-of-Service attacks. However, traditional defense schemes for such attacks with characteristics of high concealability and periodicity suffer from serious challenges with high detection difficulty, low accuracy of detection models, and inefficiency of mitigation approaches. In this paper, one novel cooperative defense scheme against hybrid LDoS attacks is proposed, which consists of a timely-response hardware-based Renyi Entropy edge checkpoint intent detection algorithm, the high-precision detection mechanism based on a hybrid deep learning model, and a Markov-chain-based differential rate-limiting mitigation strategy. The detection algorithm deployed at the edge checkpoint activates a hybrid CNN-RF-based deep learning model after filtering the intent information of the flows to detect which are malicious LDoS flows with high accuracy, where the multi-stage detection scheme not only extracts and learns the hidden features of the flow data, but also has better representation capabilities. Enhanced dynamic threshold-based whitelisting automatically adapts to the real-time state of the network environment to improve mitigation flexibility. Markov chain-based differential rate-limiting mitigation strategy reduces the packet loss error rate to mitigate network attacks promptly and ensures the continuation of network services. The results of several comparative experiments show that the proposed scheme detects LDoS attacks more accurately and mitigates them more effectively than traditional schemes.
中文翻译:
将AIoT中基于学习模型的实时高精度LDoS防御与可编程数据平面、SDN同步
SD-AIoT的可用性目前面临着复杂而严重的网络威胁,特别是低速率拒绝服务攻击。然而,针对此类具有高隐蔽性和周期性特征的攻击,传统的防御方案面临着检测难度高、检测模型准确率低、缓解方法低效等严峻挑战。本文提出了一种针对混合 LDoS 攻击的新型协同防御方案,该方案由基于及时响应硬件的 Renyi Entropy 边缘检查点意图检测算法、基于混合深度学习模型的高精度检测机制和基于马尔可夫链的差分限速缓解策略。部署在边缘检查点的检测算法在过滤流的意图信息后激活基于 CNN-RF 的混合深度学习模型,以高精度检测哪些是恶意 LDoS 流,其中多阶段检测方案不仅提取和学习流数据的隐藏特征,同时也具有更好的表示能力。增强型基于阈值的动态白名单自动适应网络环境的实时状态,提高缓解灵活性。基于马尔可夫链的差分限速缓解策略,降低丢包错误率,及时缓解网络攻击,保证网络服务的连续性。多次对比实验结果表明,与传统方案相比,该方案能够更准确地检测LDoS攻击并更有效地缓解LDoS攻击。
更新日期:2024-06-19
中文翻译:
将AIoT中基于学习模型的实时高精度LDoS防御与可编程数据平面、SDN同步
SD-AIoT的可用性目前面临着复杂而严重的网络威胁,特别是低速率拒绝服务攻击。然而,针对此类具有高隐蔽性和周期性特征的攻击,传统的防御方案面临着检测难度高、检测模型准确率低、缓解方法低效等严峻挑战。本文提出了一种针对混合 LDoS 攻击的新型协同防御方案,该方案由基于及时响应硬件的 Renyi Entropy 边缘检查点意图检测算法、基于混合深度学习模型的高精度检测机制和基于马尔可夫链的差分限速缓解策略。部署在边缘检查点的检测算法在过滤流的意图信息后激活基于 CNN-RF 的混合深度学习模型,以高精度检测哪些是恶意 LDoS 流,其中多阶段检测方案不仅提取和学习流数据的隐藏特征,同时也具有更好的表示能力。增强型基于阈值的动态白名单自动适应网络环境的实时状态,提高缓解灵活性。基于马尔可夫链的差分限速缓解策略,降低丢包错误率,及时缓解网络攻击,保证网络服务的连续性。多次对比实验结果表明,与传统方案相比,该方案能够更准确地检测LDoS攻击并更有效地缓解LDoS攻击。
京公网安备 11010802027423号