SOM-based DDoS Defense Mechanism using SDN for the Internet of Things

• URL: http://arxiv.org/abs/2003.06834v2
• Date: Wed, 18 Mar 2020 02:41:59 GMT
• Title: SOM-based DDoS Defense Mechanism using SDN for the Internet of Things
• Authors: Yunfei Meng, Zhiqiu Huang, Senzhang Wang, Guohua Shen, Changbo Ke
• Abstract summary: We propose a SOM-based DDoS defense mechanism using software-defined networking (SDN) The main idea of the mechanism is to deploy a SDN-based gateway to protect the device services in the Internet of things.
• Score: 14.58995970729543
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: To effectively tackle the security threats towards the Internet of things, we propose a SOM-based DDoS defense mechanism using software-defined networking (SDN) in this paper. The main idea of the mechanism is to deploy a SDN-based gateway to protect the device services in the Internet of things. The gateway provides DDoS defense mechanism based on SOM neural network. By means of SOM-based DDoS defense mechanism, the gateway can effectively identify the malicious sensing devices in the IoT, and automatically block those malicious devices after detecting them, so that it can effectively enforce the security and robustness of the system when it is under DDoS attacks. In order to validate the feasibility and effectiveness of the mechanism, we leverage POX controller and Mininet emulator to implement an experimental system, and further implement the aforementioned security enforcement mechanisms with Python. The final experimental results illustrate that the mechanism is truly effective under the different test scenarios.

Related papers

• Defense against Joint Poison and Evasion Attacks: A Case Study of DERMS [2.632261166782093]
  We propose the first framework of IDS that is robust against joint poisoning and evasion attacks. We verify the robustness of our method on the IEEE-13 bus feeder model against a diverse set of poisoning and evasion attack scenarios.
  arXiv  Detail & Related papers  (2024-05-05T16:24:30Z)
• IoTWarden: A Deep Reinforcement Learning Based Real-time Defense System to Mitigate Trigger-action IoT Attacks [3.1449061818799615]
  We build a reinforcement learning based real-time defense system for injection attacks. Our experiments show that the proposed mechanism can effectively and accurately identify and defend against injection attacks with reasonable overhead.
  arXiv  Detail & Related papers  (2024-01-16T06:25:56Z)
• When Authentication Is Not Enough: On the Security of Behavioral-Based Driver Authentication Systems [53.2306792009435]
  We develop two lightweight driver authentication systems based on Random Forest and Recurrent Neural Network architectures. We are the first to propose attacks against these systems by developing two novel evasion attacks, SMARTCAN and GANCAN. Through our contributions, we aid practitioners in safely adopting these systems, help reduce car thefts, and enhance driver security.
  arXiv  Detail & Related papers  (2023-06-09T14:33:26Z)
• DRSM: De-Randomized Smoothing on Malware Classifier Providing Certified Robustness [58.23214712926585]
  We develop a certified defense, DRSM (De-Randomized Smoothed MalConv), by redesigning the de-randomized smoothing technique for the domain of malware detection. Specifically, we propose a window ablation scheme to provably limit the impact of adversarial bytes while maximally preserving local structures of the executables. We are the first to offer certified robustness in the realm of static detection of malware executables.
  arXiv  Detail & Related papers  (2023-03-20T17:25:22Z)
• Synthesis of Adversarial DDOS Attacks Using Tabular Generative Adversarial Networks [0.0]
  New types of attacks stand out as the technology of attacks keep evolving. One of these attacks are the attacks based on Generative Adversarial Networks (GAN) that can evade machine learning IDS leaving them vulnerable. This project investigates the impact of the Adversarial Attacks synthesized using real DDoS attacks generated using GANs on the IDS.
  arXiv  Detail & Related papers  (2022-12-14T18:55:04Z)
• CAN-LOC: Spoofing Detection and Physical Intrusion Localization on an In-Vehicle CAN Bus Based on Deep Features of Voltage Signals [48.813942331065206]
  We propose a security hardening system for in-vehicle networks. The proposed system includes two mechanisms that process deep features extracted from voltage signals measured on the CAN bus.
  arXiv  Detail & Related papers  (2021-06-15T06:12:33Z)
• TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack [46.79557381882643]
  We present TANTRA, a novel end-to-end Timing-based Adversarial Network Traffic Reshaping Attack. Our evasion attack utilizes a long short-term memory (LSTM) deep neural network (DNN) which is trained to learn the time differences between the target network's benign packets. TANTRA achieves an average success rate of 99.99% in network intrusion detection system evasion.
  arXiv  Detail & Related papers  (2021-03-10T19:03:38Z)
• Developing Enterprise Cyber Situational Awareness [0.0]
  The topic will focus on the U.S. Department of Defense strategy towards improving their network security defenses. The approach will be analyzed to determine if DOD goals address any of their vulnerabilities towards protecting their networks.
  arXiv  Detail & Related papers  (2020-09-03T18:16:06Z)
• Measurement-driven Security Analysis of Imperceptible Impersonation Attacks [54.727945432381716]
  We study the exploitability of Deep Neural Network-based Face Recognition systems. We show that factors such as skin color, gender, and age, impact the ability to carry out an attack on a specific target victim. We also study the feasibility of constructing universal attacks that are robust to different poses or views of the attacker's face.
  arXiv  Detail & Related papers  (2020-08-26T19:27:27Z)
• Timely Detection and Mitigation of Stealthy DDoS Attacks via IoT Networks [30.68108039722565]
  Internet of Things (IoT) devices are susceptible to being compromised and being part of a new type of stealthy Distributed Denial of Service (DDoS) attack, called Mongolian DDoS. This study proposes a novel anomaly-based Intrusion Detection System (IDS) that is capable of timely detecting and mitigating this emerging type of DDoS attacks.
  arXiv  Detail & Related papers  (2020-06-15T00:54:49Z)
• A Self-supervised Approach for Adversarial Robustness [105.88250594033053]
  Adversarial examples can cause catastrophic mistakes in Deep Neural Network (DNNs) based vision systems. This paper proposes a self-supervised adversarial training mechanism in the input space. It provides significant robustness against the textbfunseen adversarial attacks.
  arXiv  Detail & Related papers  (2020-06-08T20:42:39Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.