Detection Mechanism Against DDoS Attacks based on Convolutional Neural Network in SINET

2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC) Pub Date : 2020-06-01 DOI:10.1109/ITNEC48623.2020.9084918

Wenqian Jia, Ying Liu, Yi Liu, Jiushuang Wang

{"title":"Detection Mechanism Against DDoS Attacks based on Convolutional Neural Network in SINET","authors":"Wenqian Jia, Ying Liu, Yi Liu, Jiushuang Wang","doi":"10.1109/ITNEC48623.2020.9084918","DOIUrl":null,"url":null,"abstract":"From DoS (Distributed Denial of Service) to DDoS (Distributed Denial of Service), DoS attacks have always been an important threat to network security. In Smart Identifier network, resource adaption resolution server is vulnerable to single point failures due to DDoS attacks, which may leads to the paralysis of the whole network, thus it is particularly important to detect DDoS attacks against it. This paper proposes a detection mechanism against DDoS attacks for resource adaptation resolution server. Firstly, we locate suspicious connections according to the characteristics of DDoS attacks and then migrate the connections to the backup server. The backup server is equipped with a convolutional neural network, which can accurately determine whether the traffic on the suspicious connections is attack traffic or not. The simulation results show that the detection mechanism can effectively detect whether a DDoS attack occurs on a certain connection, migrate suspicious connections, and alleviate the pressure of network and ensure its normal operation.","PeriodicalId":235524,"journal":{"name":"2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)","volume":"17 3","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITNEC48623.2020.9084918","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

From DoS (Distributed Denial of Service) to DDoS (Distributed Denial of Service), DoS attacks have always been an important threat to network security. In Smart Identifier network, resource adaption resolution server is vulnerable to single point failures due to DDoS attacks, which may leads to the paralysis of the whole network, thus it is particularly important to detect DDoS attacks against it. This paper proposes a detection mechanism against DDoS attacks for resource adaptation resolution server. Firstly, we locate suspicious connections according to the characteristics of DDoS attacks and then migrate the connections to the backup server. The backup server is equipped with a convolutional neural network, which can accurately determine whether the traffic on the suspicious connections is attack traffic or not. The simulation results show that the detection mechanism can effectively detect whether a DDoS attack occurs on a certain connection, migrate suspicious connections, and alleviate the pressure of network and ensure its normal operation.

查看原文本刊更多论文

SINET中基于卷积神经网络的DDoS攻击检测机制

从DoS(分布式拒绝服务)到DDoS(分布式拒绝服务)，DoS攻击一直是网络安全的重要威胁。在智能标识网络中，资源适配解析服务器容易受到DDoS攻击导致单点故障，可能导致全网瘫痪，因此对其进行DDoS攻击检测显得尤为重要。提出了一种针对资源自适应解析服务器的DDoS攻击检测机制。首先根据DDoS攻击的特点定位可疑连接，然后将可疑连接迁移到备份服务器。备份服务器配备卷积神经网络，可以准确判断可疑连接上的流量是否为攻击流量。仿真结果表明，该检测机制能够有效地检测某一连接上是否发生DDoS攻击，并对可疑连接进行迁移，缓解网络压力，保证网络正常运行。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)

自引率

0.00%

发文量