A deep learning based intelligent framework to mitigate DDoS attack in fog environment

Abstract Fog computing (FC) is a contemporary computing paradigm that gives additional support to cloud environment by carrying out some local data analysis in edge of the devices, facilitating networking, computing, infrastructure and storage support as backbone for end user computing. Still enterprises are not convinced to use this as security and privacy are most of the open and challenging issues. Availability among the security requirements is the one which is about rendering on demand service to different client applications without any disruptions. It can often be demolished by Denial of service (DoS) and distributed denial of service (DDoS) attacks in fog and cloud computing environment. In this paper we propose a novel Source based DDoS defence mechanism which can be used in fog environment as well as the cloud environment to mitigate DDoS attacks. It makes use of Software Defined Network (SDN) to deploy the DDoS defender module at SDN controller to detect the anomalous behavior of DDoS attacks in Network/Transport level. The proposed work provides deep learning (DL) based detection method which makes use of the network traffic analysis mechanisms to filter and forward the legitimate packets to the server and can block the infected packets to cause further attacks.

[1]  Jürgen Schmidhuber,et al.  Long Short-Term Memory , 1997, Neural Computation.

[2]  Ionita Mihai-Gabriel,et al.  Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory , 2014, 2014 IEEE 15th International Symposium on Computational Intelligence and Informatics (CINTI).

[3]  Ruby B. Lee,et al.  Machine Learning Based DDoS Attack Detection from Source Side in Cloud , 2017, 2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud).

[4]  Peter Reiher,et al.  A taxonomy of DDoS attack and DDoS defense mechanisms , 2004, CCRV.

[5]  Xiaolin Li,et al.  Detection and defense of DDoS attack–based on deep learning in OpenFlow‐based SDN , 2018, Int. J. Commun. Syst..

[6]  Darragh O'Brien,et al.  Machine Learning for Automatic Defence Against Distributed Denial of Service Attacks , 2007, 2007 IEEE International Conference on Communications.

[7]  Fernando M. V. Ramos,et al.  Towards secure and dependable software-defined networks , 2013, HotSDN '13.

[8]  Rajkumar Buyya,et al.  Fog Computing: A Taxonomy, Survey and Future Directions , 2016, Internet of Everything.

[9]  Alejandro Zunino,et al.  An empirical comparison of botnet detection methods , 2014, Comput. Secur..

[10]  Yongdae Kim,et al.  A machine learning framework for network anomaly detection using SVM and GA , 2005, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop.

[11]  Nitish Srivastava,et al.  Dropout: a simple way to prevent neural networks from overfitting , 2014, J. Mach. Learn. Res..

[12]  Xin Xu,et al.  Defending DDoS Attacks Using Hidden Markov Models and Cooperative Reinforcement Learning , 2007, PAISI.

[13]  Naveen K. Chilamkurti,et al.  Distributed attack detection scheme using deep learning approach for Internet of Things , 2017, Future Gener. Comput. Syst..

[14]  Ali A. Ghorbani,et al.  Toward developing a systematic approach to generate benchmark datasets for intrusion detection , 2012, Comput. Secur..

[15]  Zhifeng Xiao,et al.  Security and Privacy in Cloud Computing , 2013, IEEE Communications Surveys & Tutorials.

[16]  Simon Parkinson,et al.  Fog computing security: a review of current applications and security solutions , 2017, Journal of Cloud Computing.

[17]  F. Richard Yu,et al.  Software-Defined Networking (SDN) and Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environments: A Survey, Some Research Issues, and Challenges , 2016, IEEE Communications Surveys & Tutorials.

[18]  S. Selvakumar,et al.  Distributed denial of service attack detection using an ensemble of neural classifier , 2011, Comput. Commun..

[19]  Brojo Kishore Mishra,et al.  An Investigation Into the Efficacy of Deep Learning Tools for Big Data Analysis in Health Care , 2018, Int. J. Grid High Perform. Comput..

[20]  Fernanda Gusmão de Lima Kastensmidt,et al.  Evaluating one-hot encoding finite state machines for SEU reliability in SRAM-based FPGAs , 2006, 12th IEEE International On-Line Testing Symposium (IOLTS'06).

[21]  Symeon Papavassiliou,et al.  Network intrusion and fault detection: a statistical anomaly approach , 2002, IEEE Commun. Mag..

[22]  Jordi Torres,et al.  Adaptive distributed mechanism against flooding network attacks based on machine learning , 2008, AISec '08.

[23]  Guofei Gu,et al.  Attacking software-defined networks: a first feasibility study , 2013, HotSDN '13.

[24]  Bibhudatta Sahoo,et al.  A Comprehensive Tutorial on Software Defined Network: The Driving Force for the Future Internet Technology , 2016 .

[25]  Xiaolin Li,et al.  DeepDefense: Identifying DDoS Attack via Deep Learning , 2017, 2017 IEEE International Conference on Smart Computing (SMARTCOMP).

[26]  Ronaldo M. Salles,et al.  Botnets: A survey , 2013, Comput. Networks.

[27]  Qun Li,et al.  Security and Privacy Issues of Fog Computing: A Survey , 2015, WASA.

[28]  Rajkumar Buyya,et al.  Internet of Things: Principles and Paradigms , 2016 .