All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

AI infers DoS mitigation rules

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F22%3A10133497" target="_blank" >RIV/63839172:_____/22:10133497 - isvavai.cz</a>

  • Result on the web

    <a href="https://doi.org/10.1007/s10844-022-00728-2" target="_blank" >https://doi.org/10.1007/s10844-022-00728-2</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1007/s10844-022-00728-2" target="_blank" >10.1007/s10844-022-00728-2</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    AI infers DoS mitigation rules

  • Original language description

    DDoS attacks still represent a severe threat to network services. While there are more or less workable solutions to defend against these attacks, there is a significant space for further research regarding automation of reactions. In this article, we focus on one piece of the whole puzzle. We strive to automatically infer filtering rules which are specific to the current DoS attack to decrease the time to mitigation. We employ a machine learning technique to create a model of the traffic mix based on observing network traffic during the attack and normal period. The model is subsequently converted into the filtering rules. We evaluate our approach on several datasets. We experiment with various setups of hyperparameters as well as the various intensity of the attack traffic. The results of our experiments show that the proposed approach is feasible in terms of the capability of inferring successful filtering rules as well as inferring them in a reasonable time.

  • Czech name

  • Czech description

Classification

  • Type

    J<sub>imp</sub> - Article in a specialist periodical, which is included in the Web of Science database

  • CEP classification

  • OECD FORD branch

    10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Result continuities

  • Project

  • Continuities

    R - Projekt Ramcoveho programu EK

Others

  • Publication year

    2022

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Name of the periodical

    Journal of Intelligent Information Systems

  • ISSN

    1573-7675

  • e-ISSN

  • Volume of the periodical

    2022

  • Issue of the periodical within the volume

    23 August 2022

  • Country of publishing house

    NL - THE KINGDOM OF THE NETHERLANDS

  • Number of pages

    20

  • Pages from-to

    1-19

  • UT code for WoS article

    000843424300001

  • EID of the result in the Scopus database

Similar results(10)

Towards Inference of DDoS Mitigation RulesTowards Real-Time Intrusion Detection for NetFlow and IPFIXExploitation of NetEm Utility for Non-payload-based Obfuscation Techniques Improving Network Anomaly Detection