Visible to the public Mitigating DNS query-based DDoS attacks with machine learning on software-defined networking

TitleMitigating DNS query-based DDoS attacks with machine learning on software-defined networking
Publication TypeConference Paper
Year of Publication2017
AuthorsAhmed, M. E., Kim, H., Park, M.
Conference NameMILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM)
Date Publishedoct
PublisherIEEE
ISBN Number978-1-5386-0595-0
Keywordscomposability, Computer crime, control systems, DDoS attack mitigation, Human Behavior, Metrics, Monitoring, Organizations, Protocols, pubcrawl, Resiliency, Servers
Abstract

Securing Internet of Things is a challenge because of its multiple points of vulnerability. In particular, Distributed Denial of Service (DDoS) attacks on IoT devices pose a major security challenge to be addressed. In this paper, we propose a DNS query-based DDoS attack mitigation system using Software-Defined Networking (SDN) to block the network traffic for DDoS attacks. With some features provided by SDN, we can analyze traffic patterns and filter suspicious network flows out. To show the feasibility of the proposed system, we particularly implemented a prototype with Dirichlet process mixture model to distinguish benign traffic from malicious traffic and conducted experiments with the dataset collected from real network traces. We demonstrate the effectiveness of the proposed method by both simulations and experiment data obtained from the real network traffic traces.

URLhttps://ieeexplore.ieee.org/document/8170802
DOI10.1109/MILCOM.2017.8170802
Citation Keyahmed_mitigating_2017