Simpson, K. A. , Rogers, S. and Pezaros, D. P. (2020) Per-host DDoS mitigation by direct-control reinforcement learning. IEEE Transactions on Network and Service Management, 17(1), pp. 103-117. (doi: 10.1109/TNSM.2019.2960202)
|
Text
205890.pdf - Accepted Version 833kB |
Abstract
DDoS attacks plague the availability of online services today, yet like many cybersecurity problems are evolving and non-stationary. Normal and attack patterns shift as new protocols and applications are introduced, further compounded by burstiness and seasonal variation. Accordingly, it is difficult to apply machine learning-based techniques and defences in practice. Reinforcement learning (RL) may overcome this detection problem for DDoS attacks by managing and monitoring consequences; an agent’s role is to learn to optimise performance criteria (which are always available) in an online manner. We advance the state-of-the-art in RL-based DDoS mitigation by introducing two agent classes designed to act on a per-flow basis, in a protocol-agnostic manner for any network topology. This is supported by an in-depth investigation of feature suitability and empirical evaluation. Our results show the existence of flow features with high predictive power for different traffic classes, when used as a basis for feedback-loop-like control. We show that the new RL agent models can offer a significant increase in goodput of legitimate TCP traffic for many choices of host density.
Item Type: | Articles |
---|---|
Additional Information: | This work has also been supported by the European Cooperation in Science and Technology (COST) Action CA15127: RECODIS. |
Status: | Published |
Refereed: | Yes |
Glasgow Author(s) Enlighten ID: | Simpson, Dr Kyle and Pezaros, Professor Dimitrios and Rogers, Dr Simon |
Authors: | Simpson, K. A., Rogers, S., and Pezaros, D. P. |
College/School: | College of Science and Engineering > School of Computing Science |
Journal Name: | IEEE Transactions on Network and Service Management |
Publisher: | IEEE |
ISSN: | 1932-4537 |
ISSN (Online): | 1932-4537 |
Published Online: | 17 December 2019 |
Copyright Holders: | Copyright © 2019 IEEE |
First Published: | First published in IEEE Transactions on Network and Service Management 17(1): 103-117 |
Publisher Policy: | Reproduced in accordance with the copyright policy of the publisher |
University Staff: Request a correction | Enlighten Editors: Update this record