Mitigating DNS query-based DDoS attacks with machine learning on software-defined networking
Title | Mitigating DNS query-based DDoS attacks with machine learning on software-defined networking |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Ahmed, M. E., Kim, H., Park, M. |
Conference Name | MILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM) |
Date Published | October |
Publisher | IEEE |
ISBN Number | 978-1-5386-0595-0 |
Keywords | composability, Computer crime, control systems, DDoS attack mitigation, Human Behavior, Metrics, Monitoring, Organizations, Protocols, pubcrawl, Resiliency, Servers |
Abstract | Securing Internet of Things is a challenge because of its multiple points of vulnerability. In particular, Distributed Denial of Service (DDoS) attacks on IoT devices pose a major security challenge to be addressed. In this paper, we propose a DNS query-based DDoS attack mitigation system using Software-Defined Networking (SDN) to block the network traffic for DDoS attacks. With some features provided by SDN, we can analyze traffic patterns and filter suspicious network flows out. To show the feasibility of the proposed system, we particularly implemented a prototype with Dirichlet process mixture model to distinguish benign traffic from malicious traffic and conducted experiments with the dataset collected from real network traces. We demonstrate the effectiveness of the proposed method by both simulations and experiment data obtained from the real network traffic traces. |
URL | https://ieeexplore.ieee.org/document/8170802 |
DOI | 10.1109/MILCOM.2017.8170802 |
Citation Key | ahmed_mitigating_2017 |