ReCEIF: Reinforcement Learning-Controlled Effective Ingress Filtering

Title: ReCEIF: Reinforcement Learning-Controlled Effective Ingress Filtering
Publication Type: Conference Paper
Year of Publication: 2022
Authors: Heseding, Hauke; Zitterbart, Martina
Conference Name: 2022 IEEE 47th Conference on Local Computer Networks (LCN)
Date Published: Sep
Keywords: distributed denial of service, Filtering, filtering algorithms, Force, hierarchical heavy hitters, Memory management, Predictive Metrics, pubcrawl, reinforcement learning, Resiliency, Router Systems Security, Software algorithms, Software Defined Networks, Traffic Control
Abstract: Volumetric Distributed Denial of Service attacks forcefully disrupt the availability of online services by congesting network links with arbitrary high-volume traffic. This brute force approach has collateral impact on the upstream network infrastructure, making early attack traffic removal a key objective. To reduce infrastructure load and maintain service availability, we introduce ReCEIF, a topology-independent mitigation strategy for early, rule-based ingress filtering leveraging deep reinforcement learning. ReCEIF utilizes hierarchical heavy hitters to monitor traffic distribution and detect subnets that are sending high-volume traffic. Deep reinforcement learning subsequently serves to refine hierarchical heavy hitters into effective filter rules that can be propagated upstream to discard traffic originating from attacking systems. Evaluating all filter rules requires only a single clock cycle when utilizing fast ternary content-addressable memory, which is commonly available in software defined networks. To outline the effectiveness of our approach, we conduct a comparative evaluation to reinforcement learning-based router throttling.
DOI: 10.1109/LCN53696.2022.9843478
Citation Key: heseding_receif_2022