Stability of SDE-LJN System in the Internet to Mitigate Constant-Rate DDoS Attacks

The Internet is nowadays suffering dramatically serious attacks, with the distributed denial of service (DDoS) attacks being the representative and dominant ones. It is seen that, to stabilize the buffer queue length around a given target under DDoS attacks in the relevant routes is vitally important and helpful to mitigate the attacks and to improve the quality of service (QoS) for normal users. In the current paper, a stochastic queue dynamic model with L e ´ vy jump noise, which is affected by the continuous Brownian motion and the discontinuous Poisson process, is worked out to develop a novel and accurate mathematical framework for the stability of a route queue that deals with constant-rate DDoS attacks. This article proposes a security defensive mechanism in the network for solving the network collapse that can possibly be caused by DDoS attacks, otherwise. Particularly, based on the formulation of a stochastic queue dynamic with L e ´ vy jump noise, the mechanism that characterizes the behavior of the queue at routers is presented for stabilizing the queue length under constant-rate DDoS attacks. By applying the stochastic control theory into analyzing the performance of queue dynamic under constant-rate DDoS attacks, some explicit conditions are established under which the instantaneous queue length converges to any given target in a route. Simulation results demonstrate the satisfaction of the proposed defense mechanism with sharp contrast to the state of the art active queue management (AQM) schemes.

[1]  Qun Liu,et al.  Analysis of a general stochastic non-autonomous logistic model with delays and Lévy jumps , 2016 .

[2]  Sejin Park,et al.  A Collaborative DDoS Mitigation Solution Based on Ethereum Smart Contract and RNN-LSTM , 2019, 2019 20th Asia-Pacific Network Operations and Management Symposium (APNOMS).

[3]  Sanjeev Patel,et al.  Sensitivity analysis of queue-based AQM over network parameters , 2019, IET Networks.

[4]  Zhijun Wu,et al.  Detecting LDoS attack bursts based on queue distribution , 2019, IET Inf. Secur..

[5]  X. Mao,et al.  Competitive Lotka–Volterra population dynamics with jumps , 2011, 1102.2163.

[6]  Jian Yuan,et al.  Monitoring the macroscopic effect of DDoS flooding attacks , 2005, IEEE Transactions on Dependable and Secure Computing.

[7]  Jen-te Yu,et al.  A robust nonlinear PI controller for improving AQM performance , 2004, 2004 IEEE International Conference on Communications (IEEE Cat. No.04CH37577).

[8]  Zexue Li,et al.  Queueing Analysis for Delay/Disruption Tolerant Networks with Random Link Interruptions , 2016, 2016 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[9]  Marcello Vasta,et al.  Parametric identification of systems with non-Gaussian excitation using measured response spectra , 2000 .

[10]  The Stationary Distribution of Competitive Lotka-Volterra Population Systems with Jumps , 2014 .

[11]  Wei Zhang,et al.  Stability of TCP/RED systems in AQM routers , 2006, IEEE Transactions on Automatic Control.

[12]  Tao Li,et al.  Stability of stochastic functional differential systems using degenerate Lyapunov functionals and applications , 2018, Autom..

[13]  Gaurav Raina,et al.  Stability and Performance of Compound TCP With a Proportional Integral Queue Policy , 2019, IEEE Transactions on Control Systems Technology.

[14]  Andreas Pitsillides,et al.  Adaptive nonlinear congestion controller for a differentiated-services framework , 2005, IEEE/ACM Transactions on Networking.

[15]  Xiang Gao,et al.  DDoS Defense Mechanism Analysis Based on Signaling Game Model , 2013, 2013 5th International Conference on Intelligent Human-Machine Systems and Cybernetics.

[16]  Van-Dinh Nguyen,et al.  UAV-Enabled Jamming Noise for Achieving Secure Communications in Cognitive Radio Networks , 2019, 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[17]  Liansheng Tan,et al.  Stability of TCP/AQM Networks Under DDoS Attacks With Design , 2020, IEEE Trans. Netw. Sci. Eng..

[18]  Amar Aissani Queueing Analysis for Networks Under DoS Attack , 2008, ICCSA.

[19]  Linshan Wang,et al.  Well-Posedness and Asymptotic Behaviors for a Predator-Prey System with Lévy Noise , 2017 .

[20]  Zhong-Ping Jiang,et al.  Nonlinear output feedback control of TCP/AQM networks , 2005, 2005 IEEE International Symposium on Circuits and Systems.

[21]  Kei Kobayashi,et al.  Beyond the Triangle:Brownian Motion, Ito Calculus, and Fokker–Planck Equation — Fractional Generalizations , 2018 .

[22]  Shalabh Bhatnagar,et al.  Adaptive mean queue size and its rate of change: queue management with random dropping , 2016, Telecommun. Syst..

[23]  Winston S. Buckley,et al.  A jump model for fads in asset prices under asymmetric information , 2014, Eur. J. Oper. Res..

[24]  Jie Xu,et al.  On a Mathematical Model for Low-Rate Shrew DDoS , 2014, IEEE Transactions on Information Forensics and Security.

[25]  Santanu Phadikar,et al.  Detection of DDoS Attack and Classification Using a Hybrid Approach , 2020, 2020 Third ISEA Conference on Security and Privacy (ISEA-ISAP).

[26]  Vishnu Sharma,et al.  Throughput analysis of AQM schemes under low-rate Denial of service attacks , 2016, 2016 International Conference on Computing, Communication and Automation (ICCCA).

[27]  H. Vincent Poor,et al.  Downlink Beamforming for Energy-Efficient Heterogeneous Networks With Massive MIMO and Small Cells , 2018, IEEE Transactions on Wireless Communications.

[28]  Sai Prasad,et al.  Stability and bifurcation analysis of the AVQ and E-RED queue management policies , 2016, 2016 IEEE Conference on Control Applications (CCA).

[29]  Reza Shahnazi,et al.  PSO-RBF Based control Schema for Adaptive Active Queue Management in TCP Networks , 2017 .

[30]  Meihang Li,et al.  Maximum Likelihood Least Squares Based Iterative Estimation for a Class of Bilinear Systems Using the Data Filtering Technique , 2020 .

[31]  Chunmei Zhang,et al.  Graph Theory-Based Approach for Stability Analysis of Stochastic Coupled Systems With Lévy Noise on Networks , 2015, IEEE Transactions on Neural Networks and Learning Systems.

[32]  Dhruba Kumar Bhattacharyya,et al.  Real-time DDoS attack detection using FPGA , 2017, Comput. Commun..

[33]  Quanyan Zhu,et al.  Adaptive Exponential Synchronization of Multislave Time-Delayed Recurrent Neural Networks With Lévy Noise and Regime Switching , 2017, IEEE Transactions on Neural Networks and Learning Systems.

[34]  Linshan Wang,et al.  Permanence and extinction of stochastic competitive Lotka–Volterra system with Lévy noise , 2018 .

[35]  Yong Xu,et al.  The normal deviation for slow-fast systems driven by L\'evy noise , 2020, 2008.08359.

[36]  David Applebaum,et al.  Lévy Processes and Stochastic Calculus by David Applebaum , 2009 .

[37]  Xiaofan Li,et al.  A computational analysis for mean exit time under non-Gaussian Lévy noises , 2011, Appl. Math. Comput..

[38]  George Yin,et al.  Stability of Stochastic Functional Differential Equations with Regime-Switching: Analysis Using Dupire’s Functional Itô Formula , 2019, Potential Analysis.

[39]  Peter Bodorik,et al.  DDoS Detection System: Using a Set of Classification Algorithms Controlled by Fuzzy Logic System in Apache Spark , 2019, IEEE Transactions on Network and Service Management.