{"title":"好莱坞:在网络流量的移动图像中检测体积攻击","authors":"Samuel Kopmann, Hauke Heseding, M. Zitterbart","doi":"10.1109/LCN53696.2022.9843465","DOIUrl":null,"url":null,"abstract":"Fast detection of Distributed Denial of Service attacks is key for establishing appropriate countermeasures in order to protect potential targets. HollywooDDoS applies well-known techniques from movie classification to the challenge of DDoS detection. The proposed approach utilizes a traffic aggregation scheme representing traffic volumes between IP subnets as two-dimensional images, while preserving detection relevant traffic characteristics. These images serve as input for a convolutional neural network, learning IP address space distributions of both background and attack traffic intensities. It is shown that a real-world DDoS attack can be precisely detected on the time scale of milliseconds. We evaluate classification of images without temporal information about attack traffic development to outline the impact of image resolution and aggregation time frames. We then show that attack detection further improves by 17% when utilizing a consecutive series of images capturing traffic dynamics.","PeriodicalId":303965,"journal":{"name":"2022 IEEE 47th Conference on Local Computer Networks (LCN)","volume":"31 2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"HollywooDDoS: Detecting Volumetric Attacks in Moving Images of Network Traffic\",\"authors\":\"Samuel Kopmann, Hauke Heseding, M. Zitterbart\",\"doi\":\"10.1109/LCN53696.2022.9843465\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Fast detection of Distributed Denial of Service attacks is key for establishing appropriate countermeasures in order to protect potential targets. HollywooDDoS applies well-known techniques from movie classification to the challenge of DDoS detection. The proposed approach utilizes a traffic aggregation scheme representing traffic volumes between IP subnets as two-dimensional images, while preserving detection relevant traffic characteristics. These images serve as input for a convolutional neural network, learning IP address space distributions of both background and attack traffic intensities. It is shown that a real-world DDoS attack can be precisely detected on the time scale of milliseconds. We evaluate classification of images without temporal information about attack traffic development to outline the impact of image resolution and aggregation time frames. We then show that attack detection further improves by 17% when utilizing a consecutive series of images capturing traffic dynamics.\",\"PeriodicalId\":303965,\"journal\":{\"name\":\"2022 IEEE 47th Conference on Local Computer Networks (LCN)\",\"volume\":\"31 2 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-09-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE 47th Conference on Local Computer Networks (LCN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/LCN53696.2022.9843465\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE 47th Conference on Local Computer Networks (LCN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/LCN53696.2022.9843465","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
HollywooDDoS: Detecting Volumetric Attacks in Moving Images of Network Traffic
Fast detection of Distributed Denial of Service attacks is key for establishing appropriate countermeasures in order to protect potential targets. HollywooDDoS applies well-known techniques from movie classification to the challenge of DDoS detection. The proposed approach utilizes a traffic aggregation scheme representing traffic volumes between IP subnets as two-dimensional images, while preserving detection relevant traffic characteristics. These images serve as input for a convolutional neural network, learning IP address space distributions of both background and attack traffic intensities. It is shown that a real-world DDoS attack can be precisely detected on the time scale of milliseconds. We evaluate classification of images without temporal information about attack traffic development to outline the impact of image resolution and aggregation time frames. We then show that attack detection further improves by 17% when utilizing a consecutive series of images capturing traffic dynamics.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
