Distributed Denial of Service (DDoS) attacks continue to be one of the most severe threats in the Internet. The intrinsic challenge in preventing DDoS attacks is to distinguish them from legitimate flash crowds since two have many traffic characteristics in common. Today most DDoS detection techniques focus on finding parametric differences between the patterns in attack and legitimate traffic. However, such techniques are very sensitive to the threshold values set on the parameters and more importantly legitimate traffic features might be mimicked by smart attackers to generate requests that look like flash crowds. In this paper, we propose a framework for training networks for such smart attacks. Our framework is based on Deep Generative Network models and our contributions are two-fold.We first show that legitimate traffic features can be mimicked without explicitly modeling their distributions. Second, we introduce the concept of context-aware DDoS attacks. We show that an attacker can generate traffic that looks similar to flash crowds to be undetected for long periods of time. However, the ability of generating such attacks is constrained by the budget of the attacker. A context-aware attacker is the one that can intelligently use its budget to maximize the damage in the victim network. Our study provides a framework for training networks for such DDoS attack scenarios.
|9. okt. 2018
|Udgivet - 9. okt. 2018
|International Conference on Computer Communication and Networks (ICCCN) - Hangzhou, Kina
Varighed: 30. jul. 2018 → 2. aug. 2018
Konferencens nummer: 27
|International Conference on Computer Communication and Networks (ICCCN)
|30/07/2018 → 02/08/2018