A Spatiotemporal-Oriented Deep Ensemble Learning Model to Defend Link Flooding Attacks in IoT Network

(1) Background: Link flooding attacks (LFA) are a spatiotemporal attack pattern of distributed denial-of-service (DDoS) that arranges bots to send low-speed traffic to backbone links and paralyze servers in the target area. (2) Problem: The traditional methods to defend against LFA are heuristic and cannot reflect the changing characteristics of LFA over time; the AI-based methods only detect the presence of LFA without considering the spatiotemporal series attack pattern and defense suggestion. (3) Methods: This study designs a deep ensemble learning model (Stacking-based integrated Convolutional neural network–Long short term memory model, SCL) to defend against LFA: (a) combining continuous network status as an input to represent “continuous/combination attacking action” and to help CNN operation to extract features of spatiotemporal attack pattern; (b) applying LSTM to periodically review the current evolved LFA patterns and drop the obsolete ones to ensure decision accuracy and confidence; (c) stacking System Detector and LFA Mitigator module instead of only one module to couple with LFA detection and mediation at the same time. (4) Results: The simulation results show that the accuracy rate of SCL successfully blocking LFA is 92.95%, which is 60.81% higher than the traditional method. (5) Outcomes: This study demonstrates the potential and suggested development trait of deep ensemble learning on network security.

[1]  Gui Yun Tian,et al.  Deep Learning Models for Cyber Security in IoT Networks , 2019, 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC).

[2]  Hassan Mathkour,et al.  IoT Botnet Attack Detection Based on Optimized Extreme Gradient Boosting and Feature Selection , 2020, Sensors.

[3]  Guosong Yang,et al.  Modeling and Mitigating the Coremelt Attack , 2018, 2018 Annual American Control Conference (ACC).

[4]  Guigang Zhang,et al.  Deep Learning , 2016, Int. J. Semantic Comput..

[5]  Yangwoo Kim,et al.  Cardiac Arrhythmia Disease Classification Using LSTM Deep Learning Approach , 2021 .

[6]  Lei Xue,et al.  LinkScope: Toward Detecting Target Link Flooding Attacks , 2018, IEEE Transactions on Information Forensics and Security.

[7]  Henrietta Hardy Mrs Hammond The complete guide , 1883 .

[8]  Boyang Zhou,et al.  A Deep ConvNet-Based Countermeasure to Mitigate Link Flooding Attacks Using Software-Defined Networks , 2019, 2019 IEEE Symposium on Computers and Communications (ISCC).

[9]  Virgil D. Gligor,et al.  The Crossfire Attack , 2013, 2013 IEEE Symposium on Security and Privacy.

[10]  Hongyang Chen,et al.  Double Coded Caching in Ultra Dense Networks: Caching and Multicast Scheduling via Deep Reinforcement Learning , 2020, IEEE Transactions on Communications.

[11]  Sung-Bong Jang,et al.  A Comparison of Regularization Techniques in Deep Neural Networks , 2018, Symmetry.

[12]  Kemal Akkaya,et al.  Mitigating Crossfire Attacks Using SDN-Based Moving Target Defense , 2016, 2016 IEEE 41st Conference on Local Computer Networks (LCN).

[13]  Bandar Alotaibi,et al.  A Stacked Deep Learning Approach for IoT Cyberattack Detection , 2020, J. Sensors.

[14]  David K. Y. Yau,et al.  Realtime DDoS Defense Using COTS SDN Switches via Adaptive Correlation Analysis , 2018, IEEE Transactions on Information Forensics and Security.

[15]  Borja Navarro-Colorado,et al.  A Systematic Review of Deep Learning Approaches to Educational Data Mining , 2019, Complex..

[16]  Michał Choraś,et al.  A Deep Learning Ensemble for Network Anomaly and Cyber-Attack Detection , 2020, Sensors.

[17]  Anandi Giridharan,et al.  Convolutional Neural Networks for classifying skin lesions , 2019, TENCON 2019 - 2019 IEEE Region 10 Conference (TENCON).

[18]  Shilong Yu,et al.  Residual Learning and LSTM Networks for Wearable Human Activity Recognition Problem , 2018, 2018 37th Chinese Control Conference (CCC).

[19]  Seungwon Shin,et al.  Software-Defined HoneyNet: Towards Mitigating Link Flooding Attacks , 2017, 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W).

[20]  Hermann Kopetz,et al.  Real-time systems , 2018, CSC '73.

[21]  Juntae Kim,et al.  Toward Developing Efficient Conv-AE-Based Intrusion Detection System Using Heterogeneous Dataset , 2020, Electronics.

[22]  Nikunj Vijay Mahajan,et al.  Prediction of Fault in Gas Chromatograph using Convolutional Neural Network , 2019, 2019 3rd International Conference on Trends in Electronics and Informatics (ICOEI).

[23]  Ziyou Gao,et al.  Short-term prediction of passenger volume for urban rail systems: A deep learning approach based on smart-card data , 2021 .

[24]  Jürgen Schmidhuber,et al.  Deep learning in neural networks: An overview , 2014, Neural Networks.

[25]  Balram Yadav,et al.  Deep Learning in Malware Identification and Classification , 2020, Malware Analysis Using Artificial Intelligence and Deep Learning.

[26]  Iwao Sasase,et al.  Traceroute-based target link flooding attack detection scheme by analyzing hop count to the destination , 2017, 2017 23rd Asia-Pacific Conference on Communications (APCC).

[27]  Hua Wang,et al.  Cyberpulse: A Machine Learning Based Link Flooding Attack Mitigation System for Software Defined Networks , 2019, IEEE Access.

[28]  Gaurav Soni,et al.  DPLPLN: Detection and Prevention from Flooding Attack in IoT , 2020, 2020 International Conference on Smart Electronics and Communication (ICOSEC).

[29]  Nagarathna Ravi,et al.  BALANCE: Link Flooding Attack Detection and Mitigation via Hybrid-SDN , 2020, IEEE Transactions on Network and Service Management.

[30]  Zhenhua Li,et al.  Randomized Security Patrolling for Link Flooding Attack Detection , 2020, IEEE Transactions on Dependable and Secure Computing.

[31]  Jiwen Dong,et al.  Simple convolutional neural network on image classification , 2017, 2017 IEEE 2nd International Conference on Big Data Analysis (ICBDA)(.

[32]  Bo Zhao,et al.  Detecting and Mitigating Target Link-Flooding Attacks Using SDN , 2019, IEEE Transactions on Dependable and Secure Computing.

[33]  William B. Andreopoulos Malware Detection with Sequence-Based Machine Learning and Deep Learning , 2020, Malware Analysis Using Artificial Intelligence and Deep Learning.

[34]  K. Shadan,et al.  Available online: , 2012 .