AI infers DoS mitigation rules
Authors: | Martin Zadnik, Elena Carasec |
---|---|
Year of publication: | 2022 |
Subject: | |
Source: | Journal of Intelligent Information Systems. 60:305-324 |
ISSN: | 1573-7675 0925-9902 |
DOI: | 10.1007/s10844-022-00728-2 |
Description: | DDoS attacks still represent a severe threat to network services. While there are more or less workable solutions to defend against these attacks, there is a significant space for further research regarding automation of reactions. In this article, we focus on one piece of the whole puzzle. We strive to automatically infer filtering rules which are specific to the current DoS attack to decrease the time to mitigation. We employ a machine learning technique to create a model of the traffic mix based on observing network traffic during the attack and normal period. The model is subsequently converted into the filtering rules. We evaluate our approach on several datasets. We experiment with various setups of hyperparameters as well as the various intensity of the attack traffic. The results of our experiments show that the proposed approach is feasible in terms of the capability of inferring successful filtering rules as well as inferring them in a reasonable time. |
Database: | OpenAIRE |