상세 보기
초록
With the rapid development of Software-Defined Networking (SDN) advocating a centralized view of networks, efficient and reliable Distributed Denial of Service (DDoS) defenses are necessary to protect the centralized SDN controller. In this work, we explore the robustness of DL-based DDoS defenses in SDN against adversarial learning attacks. First, we investigate generic off-the-shelf adversarial attacks to test the robustness of DDoS defenses in SDN. Then, we propose Flow-Merge for realistic adversarial flows while achieving a high evasion rate. The evaluation shows that the proposed Flow-Merge is able to force the DL-based DDoS defenses to misclassify 100% of benign flows as malicious.
키워드
Distributed Denial of Service; Intrusion Detection; Deep Learning; Adversarial Attacks
- 제목
- Examining the Security of DDoS Detection Systems in Software Defined Networks
- 저자
- Abusnaina, Ahmed; Nyang, DaeHun; Yuksel, Murat; Mohaisen, Aziz
- 발행일
- 2019
- 유형
- Proceedings Paper
- 저널명
- CONEXT'19 COMPANION: PROCEEDINGS OF THE 15TH INTERNATIONAL CONFERENCE ON EMERGING NETWORKING EXPERIMENTS AND TECHNOLOGIES
- 페이지
- 49 ~ 50