Collaborative DDoS defense for SDN-based AIoT with autoencoder-enhanced federated learning

IF 14.7 1区计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

Information Fusion Pub Date : 2024-12-04 DOI:10.1016/j.inffus.2024.102820

Jie Ma, Wei Su

{"title":"Collaborative DDoS defense for SDN-based AIoT with autoencoder-enhanced federated learning","authors":"Jie Ma, Wei Su","doi":"10.1016/j.inffus.2024.102820","DOIUrl":null,"url":null,"abstract":"The massive number of edge-connected IoT devices currently in SD-AIoT can be weaponized to launch Distributed Denial of Service attacks. Nevertheless, centralized DDoS defense schemes that excessively rely on up-to-date labeled training data are significantly inefficient due to the scarcity of such datasets. The privacy of these datasets and the widespread emergence of adversarial attacks make it difficult for autonomous system collaborators to share such sensitive data. To this end, we propose a novel decentralized defense scheme based on a trusted Federated Learning framework for AIoT scenarios. In particular, it consists of: (1) an outlier-aware Semi-supervised attack detection model for anomaly detection based on a Federated Learning framework that supports the robust identification of attack classes with a limited number of labeled outliers to reduce the false alarm rate; (2) a novel Secure Multiparty Computation method for trusted aggregation of local model updates to enhance the transmission privacy of collaborators’ parameters; (3) a mitigation mechanism based on horizontal cooperation to reduce the impact of packet loss on normal traffic by deploying differentiated speed-limiting policies with attack path pushback. Our evaluation of various attack scenarios and traces from real datasets CICIDS2017 and InSDN shows that the proposed scheme shows significant improvement in terms of accuracy, effectiveness, etc., compared to state-of-the-art SDN-based defense schemes.","PeriodicalId":50367,"journal":{"name":"Information Fusion","volume":"20 1","pages":""},"PeriodicalIF":14.7000,"publicationDate":"2024-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information Fusion","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1016/j.inffus.2024.102820","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

Abstract

The massive number of edge-connected IoT devices currently in SD-AIoT can be weaponized to launch Distributed Denial of Service attacks. Nevertheless, centralized DDoS defense schemes that excessively rely on up-to-date labeled training data are significantly inefficient due to the scarcity of such datasets. The privacy of these datasets and the widespread emergence of adversarial attacks make it difficult for autonomous system collaborators to share such sensitive data. To this end, we propose a novel decentralized defense scheme based on a trusted Federated Learning framework for AIoT scenarios. In particular, it consists of: (1) an outlier-aware Semi-supervised attack detection model for anomaly detection based on a Federated Learning framework that supports the robust identification of attack classes with a limited number of labeled outliers to reduce the false alarm rate; (2) a novel Secure Multiparty Computation method for trusted aggregation of local model updates to enhance the transmission privacy of collaborators’ parameters; (3) a mitigation mechanism based on horizontal cooperation to reduce the impact of packet loss on normal traffic by deploying differentiated speed-limiting policies with attack path pushback. Our evaluation of various attack scenarios and traces from real datasets CICIDS2017 and InSDN shows that the proposed scheme shows significant improvement in terms of accuracy, effectiveness, etc., compared to state-of-the-art SDN-based defense schemes.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Information Fusion 工程技术-计算机：理论方法

CiteScore

33.20

自引率

4.30%

发文量

161

审稿时长

7.9 months

期刊介绍： Information Fusion serves as a central platform for showcasing advancements in multi-sensor, multi-source, multi-process information fusion, fostering collaboration among diverse disciplines driving its progress. It is the leading outlet for sharing research and development in this field, focusing on architectures, algorithms, and applications. Papers dealing with fundamental theoretical analyses as well as those demonstrating their application to real-world problems will be welcome.