Towards Inference of DDoS Mitigation Rules

Title: Towards Inference of DDoS Mitigation Rules
Publication Type: Conference Paper
Year of Publication: 2022
Authors: Žádník, Martin
Conference Name: NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium
Keywords: Attack, Automation, composability, Computer crime, DDoS, DDoS attack mitigation, Decision trees, denial-of-service attack, Filtering, Human Behavior, machine learning, Metrics, mitigation, pubcrawl, resilience, Resiliency, telecommunication traffic
Abstract: DDoS attacks still represent a severe threat to network services. While there are more or less workable solutions to defend against these attacks, there is a significant space for further research regarding automation of reactions and subsequent management. In this paper, we focus on one piece of the whole puzzle. We strive to automatically infer filtering rules which are specific to the current DoS attack to decrease the time to mitigation. We employ a machine learning technique to create a model of the traffic mix based on observing network traffic during the attack and normal period. The model is converted into the filtering rules. We evaluate our approach with various setups of hyperparameters. The results of our experiments show that the proposed approach is feasible in terms of the capability of inferring successful filtering rules.
Notes: ISSN: 2374-9709
DOI: 10.1109/NOMS54207.2022.9789798
Citation Key: zadnik_towards_2022