TY - GEN
T1 - Deep Reinforcement Learning based Smart Mitigation of DDoS Flooding in Software-Defined Networks
AU - Liu, Yandong
AU - Dong, Mianxiong
AU - Ota, Kaoru
AU - Li, Jianhua
AU - Wu, Jun
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/10/29
Y1 - 2018/10/29
AB - The Distributed Denial-of-Service (DDoS) flooding attack has remained one of the most destructive attacks for more than two decades. Although great efforts have been made to design the defense mechanism, it is still difficult to mitigate these attacks in real time smartly and effectively for the reason that attack traffic may mix with benign traffic. Software-Defined Networks (SDN) decouple the control and data planes in the network. Their centralized control paradigm and global view of the network bring some new chances to enhance the defense ability against network attacks. In this paper, we propose a deep reinforcement learning based framework, which can smartly learn the optimal mitigation policies under different attack scenarios and mitigate the DDoS flooding attack in real time. This framework is an effective system to defend against a wide range of DDoS flooding attacks such as TCP SYN, UDP, and ICMP flooding. It can intelligently learn the patterns of attack traffic and throttle the attack traffic, while the traffic of benign users is forwarded normally. We compare our proposed framework with a baseline along with a popular state-of-the-art router throttling method. The experimental results show that our approach can significantly outperform both of them in five attacking scenarios with different attack dynamics.
KW - DDoS
KW - SDN
KW - deep reinforcement learning
UR - http://www.scopus.com/inward/record.url?scp=85057288146&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85057288146&partnerID=8YFLogxK
U2 - 10.1109/CAMAD.2018.8514971
DO - 10.1109/CAMAD.2018.8514971
M3 - Conference contribution
AN - SCOPUS:85057288146
T3 - IEEE International Workshop on Computer Aided Modeling and Design of Communication Links and Networks, CAMAD
BT - 2018 IEEE 23rd International Workshop on Computer Aided Modeling and Design of Communication Links and Networks, CAMAD 2018
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 23rd IEEE International Workshop on Computer Aided Modeling and Design of Communication Links and Networks, CAMAD 2018
Y2 - 17 September 2018 through 19 September 2018
ER -