DoS and DDoS Mitigation Using Variational Autoencoders
- URL: http://arxiv.org/abs/2105.06899v1
- Date: Fri, 14 May 2021 15:38:40 GMT
- Title: DoS and DDoS Mitigation Using Variational Autoencoders
- Authors: Eirik Molde B{\aa}rli, Anis Yazidi, Enrique Herrera Viedma, H{\aa}rek
Haugerud
- Abstract summary: We explore the potential of Variational Autoencoders to serve as a component within an intelligent security solution.
Two methods based on the ability of Variational Autoencoders to learn latent representations from network traffic flows are proposed.
- Score: 15.23225419183423
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: DoS and DDoS attacks have been growing in size and number over the last
decade and existing solutions to mitigate these attacks are in general
inefficient. Compared to other types of malicious cyber attacks, DoS and DDoS
attacks are particularly more challenging to combat. With their ability to mask
themselves as legitimate traffic, developing methods to detect these types of
attacks on a packet or flow level, has proven to be a difficult task. In this
paper, we explore the potential of Variational Autoencoders to serve as a
component within an intelligent security solution that differentiates between
normal and malicious traffic. Two methods based on the ability of Variational
Autoencoders to learn latent representations from network traffic flows are
proposed. The first method resorts to a classifier based on the latent
encodings obtained from Variational Autoencoders learned from traffic traces.
The second method is rather an anomaly detection method where the Variational
Autoencoder is used to learn the abstract feature representations of
exclusively legitimate traffic. Then anomalies are filtered out by relying on
the reconstruction loss of the Variational Autoencoder.
Both of the proposed methods have been thoroughly tested on two separate
datasets with a similar feature space. The results show that both methods are
promising, with a slight superiority of the classifier based method over the
anomaly based one.
%that the first method is able to successfully detect individual traffic
flows with high precision on the training and validation data, slightly less
successfully on the test data. For the second method, the Variational
Autoencoder will require further adjustments to be able to sufficiently filter
out anomalies from network traffic flows.
Related papers
- Purify Unlearnable Examples via Rate-Constrained Variational Autoencoders [101.42201747763178]
Unlearnable examples (UEs) seek to maximize testing error by making subtle modifications to training examples that are correctly labeled.
Our work provides a novel disentanglement mechanism to build an efficient pre-training purification method.
arXiv Detail & Related papers (2024-05-02T16:49:25Z) - A Transformer-Based Framework for Payload Malware Detection and Classification [0.0]
Techniques such as Deep Packet Inspection (DPI) have been introduced to allow IDSs analyze the content of network packets.
In this paper, we propose a revolutionary DPI algorithm based on transformers adapted for the purpose of detecting malicious traffic.
arXiv Detail & Related papers (2024-03-27T03:25:45Z) - T4P: Test-Time Training of Trajectory Prediction via Masked Autoencoder and Actor-specific Token Memory [39.021321011792786]
Trajectory prediction is a challenging problem that requires considering interactions among multiple actors.
Data-driven approaches have been used to address this complex problem, but they suffer from unreliable predictions under distribution shifts during test time.
We propose several online learning methods using regression loss from the ground truth of observed data.
Our method surpasses the performance of existing state-of-the-art online learning methods in terms of both prediction accuracy and computational efficiency.
arXiv Detail & Related papers (2024-03-15T06:47:14Z) - Traj-MAE: Masked Autoencoders for Trajectory Prediction [69.7885837428344]
Trajectory prediction has been a crucial task in building a reliable autonomous driving system by anticipating possible dangers.
We propose an efficient masked autoencoder for trajectory prediction (Traj-MAE) that better represents the complicated behaviors of agents in the driving environment.
Our experimental results in both multi-agent and single-agent settings demonstrate that Traj-MAE achieves competitive results with state-of-the-art methods.
arXiv Detail & Related papers (2023-03-12T16:23:27Z) - Training a Bidirectional GAN-based One-Class Classifier for Network
Intrusion Detection [8.158224495708978]
Existing generative adversarial networks (GANs) are primarily used for creating synthetic samples from reals.
In our proposed method, we construct the trained encoder-discriminator as a one-class classifier based on Bidirectional GAN (Bi-GAN)
Our experimental result illustrates that our proposed method is highly effective to be used in network intrusion detection tasks.
arXiv Detail & Related papers (2022-02-02T23:51:11Z) - Targeted Attack against Deep Neural Networks via Flipping Limited Weight
Bits [55.740716446995805]
We study a novel attack paradigm, which modifies model parameters in the deployment stage for malicious purposes.
Our goal is to misclassify a specific sample into a target class without any sample modification.
By utilizing the latest technique in integer programming, we equivalently reformulate this BIP problem as a continuous optimization problem.
arXiv Detail & Related papers (2021-02-21T03:13:27Z) - Increasing the Confidence of Deep Neural Networks by Coverage Analysis [71.57324258813674]
This paper presents a lightweight monitoring architecture based on coverage paradigms to enhance the model against different unsafe inputs.
Experimental results show that the proposed approach is effective in detecting both powerful adversarial examples and out-of-distribution inputs.
arXiv Detail & Related papers (2021-01-28T16:38:26Z) - Learning to Generate Content-Aware Dynamic Detectors [62.74209921174237]
We introduce a newpective of designing efficient detectors, which is automatically generating sample-adaptive model architecture.
We introduce a course-to-fine strat-egy tailored for object detection to guide the learning of dynamic routing.
Experiments on MS-COCO dataset demonstrate that CADDet achieves 1.8 higher mAP with 10% fewer FLOPs compared with vanilla routing.
arXiv Detail & Related papers (2020-12-08T08:05:20Z) - DNS Covert Channel Detection via Behavioral Analysis: a Machine Learning
Approach [0.09176056742068815]
We propose an effective covert channel detection method based on the analysis of DNS network data passively extracted from a network monitoring system.
The proposed solution has been evaluated over a 15-day-long experimental session with the injection of traffic that covers the most relevant exfiltration and tunneling attacks.
arXiv Detail & Related papers (2020-10-04T13:28:28Z) - Dataset Optimization Strategies for MalwareTraffic Detection [0.0]
We propose two novel dataset optimization strategies which exploit and combine several state-of-the-art approaches.
The first approach is a feature selection technique based on mutual information measures and sensibility enhancement.
The second is a dimensional reduction technique based autoencoders.
arXiv Detail & Related papers (2020-09-23T19:27:22Z) - Cassandra: Detecting Trojaned Networks from Adversarial Perturbations [92.43879594465422]
In many cases, pre-trained models are sourced from vendors who may have disrupted the training pipeline to insert Trojan behaviors into the models.
We propose a method to verify if a pre-trained model is Trojaned or benign.
Our method captures fingerprints of neural networks in the form of adversarial perturbations learned from the network gradients.
arXiv Detail & Related papers (2020-07-28T19:00:40Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.