AI infers DoS mitigation rules
Result identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F22%3A10133497" target="_blank" >RIV/63839172:_____/22:10133497 - isvavai.cz</a>
Result on the web
<a href="https://doi.org/10.1007/s10844-022-00728-2" target="_blank" >https://doi.org/10.1007/s10844-022-00728-2</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1007/s10844-022-00728-2" target="_blank" >10.1007/s10844-022-00728-2</a>
Alternative languages
Result language
English
Title in the original language
AI infers DoS mitigation rules
Result description in the original language
DDoS attacks still represent a severe threat to network services. While there are more or less workable solutions to defend against these attacks, there is a significant space for further research regarding automation of reactions. In this article, we focus on one piece of the whole puzzle. We strive to automatically infer filtering rules which are specific to the current DoS attack to decrease the time to mitigation. We employ a machine learning technique to create a model of the traffic mix based on observing network traffic during the attack and normal period. The model is subsequently converted into the filtering rules. We evaluate our approach on several datasets. We experiment with various setups of hyperparameters as well as the various intensity of the attack traffic. The results of our experiments show that the proposed approach is feasible in terms of the capability of inferring successful filtering rules as well as inferring them in a reasonable time.
Classification
Type
J<sub>imp</sub> - Article in a periodical indexed in the Web of Science database
CEP field
—
OECD FORD field
10201 - Computer sciences, information science, bioinformatics (hardware development to be 2.2, social aspect to be 5.8)
Result linkages
Project
—
Linkages
R - Project of the EC Framework Programme
Other
Year of implementation
2022
Data confidentiality code
S - Complete and true data on the project are not subject to protection under special legal regulations
Data specific to the result type
Name of the periodical
Journal of Intelligent Information Systems
ISSN
1573-7675
e-ISSN
—
Volume of the periodical
2022
Issue of the periodical within the volume
23 August 2022
Country of the periodical's publisher
NL - Netherlands
Number of pages of the result
20
Pages from-to
1-19
UT WoS code of the article
000843424300001
EID of the result in the Scopus database
—