Toward a real-time TCP SYN Flood DDoS mitigation using Adaptive Neuro-Fuzzy classifier and SDN Assistance in Fog Computing
- URL: http://arxiv.org/abs/2311.15633v1
- Date: Mon, 27 Nov 2023 08:54:00 GMT
- Title: Toward a real-time TCP SYN Flood DDoS mitigation using Adaptive Neuro-Fuzzy classifier and SDN Assistance in Fog Computing
- Authors: Radjaa Bensaid, Nabila Labraoui, Ado Adamou Abba Ari, Leandros Maglaras, Hafida Saidi, Ahmed Mahmoud Abdu Lwahhab, Sihem Benfriha,
- Abstract summary: We propose mitigation of Fog computing-based SYN Flood DDoS attacks using an Adaptive Neuro-Fuzzy Inference System (ANFIS) and Software Defined Networking (SDN) Assistance (FASA)
The simulation results show that FASA system outperforms other algorithms in terms of accuracy, precision, recall, and F1-score.
- Score: 0.31318403497744784
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The growth of the Internet of Things (IoT) has recently impacted our daily lives in many ways. As a result, a massive volume of data is generated and needs to be processed in a short period of time. Therefore, the combination of computing models such as cloud computing is necessary. The main disadvantage of the cloud platform is its high latency due to the centralized mainframe. Fortunately, a distributed paradigm known as fog computing has emerged to overcome this problem, offering cloud services with low latency and high-access bandwidth to support many IoT application scenarios. However, Attacks against fog servers can take many forms, such as Distributed Denial of Service (DDoS) attacks that severely affect the reliability and availability of fog services. To address these challenges, we propose mitigation of Fog computing-based SYN Flood DDoS attacks using an Adaptive Neuro-Fuzzy Inference System (ANFIS) and Software Defined Networking (SDN) Assistance (FASA). The simulation results show that FASA system outperforms other algorithms in terms of accuracy, precision, recall, and F1-score. This shows how crucial our system is for detecting and mitigating TCP SYN floods DDoS attacks.
Related papers
- Feature Selection using the concept of Peafowl Mating in IDS [2.184775414778289]
Cloud computing provides services that are Infrastructure based, Platform based and Software based.
The popularity of this technology is due to its superb performance, high level of computing ability, low cost of services, scalability, availability and flexibility.
The obtainability and openness of data in cloud environment make it vulnerable to the world of cyber-attacks.
To detect the attacks Intrusion Detection System is used, that can identify the attacks and ensure information security.
arXiv Detail & Related papers (2024-02-03T06:04:49Z) - Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS)
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z) - A Novel Supervised Deep Learning Solution to Detect Distributed Denial
of Service (DDoS) attacks on Edge Systems using Convolutional Neural Networks
(CNN) [0.41436032949434404]
This project presents a novel deep learning-based approach for detecting DDoS attacks in network traffic.
The algorithm employed in this study exploits the properties of Convolutional Neural Networks (CNN) and common deep learning algorithms.
The results of this study demonstrate the effectiveness of the proposed algorithm in detecting DDOS attacks, achieving an accuracy of.9883 on 2000 unseen flows in network traffic.
arXiv Detail & Related papers (2023-09-11T17:37:35Z) - Overload: Latency Attacks on Object Detection for Edge Devices [47.9744734181236]
This paper investigates latency attacks on deep learning applications.
Unlike common adversarial attacks for misclassification, the goal of latency attacks is to increase the inference time.
We use object detection to demonstrate how such kind of attacks work.
arXiv Detail & Related papers (2023-04-11T17:24:31Z) - Detection of DDoS Attacks in Software Defined Networking Using Machine
Learning Models [0.6193838300896449]
This paper investigates the effectiveness of machine learning algorithms to detect distributed denial-of-service (DDoS) attacks in software-defined networking (SDN) environments.
The results indicate that ML-based detection is a more accurate and effective method for identifying DDoS attacks in SDN.
arXiv Detail & Related papers (2023-03-11T22:56:36Z) - Fluid Batching: Exit-Aware Preemptive Serving of Early-Exit Neural
Networks on Edge NPUs [74.83613252825754]
"smart ecosystems" are being formed where sensing happens concurrently rather than standalone.
This is shifting the on-device inference paradigm towards deploying neural processing units (NPUs) at the edge.
We propose a novel early-exit scheduling that allows preemption at run time to account for the dynamicity introduced by the arrival and exiting processes.
arXiv Detail & Related papers (2022-09-27T15:04:01Z) - An Adaptive Device-Edge Co-Inference Framework Based on Soft
Actor-Critic [72.35307086274912]
High-dimension parameter model and large-scale mathematical calculation restrict execution efficiency, especially for Internet of Things (IoT) devices.
We propose a new Deep Reinforcement Learning (DRL)-Soft Actor Critic for discrete (SAC-d), which generates the emphexit point, emphexit point, and emphcompressing bits by soft policy iterations.
Based on the latency and accuracy aware reward design, such an computation can well adapt to the complex environment like dynamic wireless channel and arbitrary processing, and is capable of supporting the 5G URL
arXiv Detail & Related papers (2022-01-09T09:31:50Z) - SPINN: Synergistic Progressive Inference of Neural Networks over Device
and Cloud [13.315410752311768]
A popular alternative comprises offloading CNN processing to powerful cloud-based servers.
SPINN is a distributed inference system that employs synergistic device-cloud together with a progressive inference method.
It provides robust operation under uncertain connectivity conditions and significant energy savings compared to cloud-centric execution.
arXiv Detail & Related papers (2020-08-14T15:00:19Z) - Data Mining with Big Data in Intrusion Detection Systems: A Systematic
Literature Review [68.15472610671748]
Cloud computing has become a powerful and indispensable technology for complex, high performance and scalable computation.
The rapid rate and volume of data creation has begun to pose significant challenges for data management and security.
The design and deployment of intrusion detection systems (IDS) in the big data setting has, therefore, become a topic of importance.
arXiv Detail & Related papers (2020-05-23T20:57:12Z) - Using AI for Mitigating the Impact of Network Delay in Cloud-based
Intelligent Traffic Signal Control [8.121462458089143]
We introduce a new traffic signal control algorithm based on reinforcement learning, which performs well even under severe network delay.
The framework introduced in this paper can be helpful for all agent-based systems where network delay could be a critical concern.
arXiv Detail & Related papers (2020-02-19T17:30:07Z) - Adaptive Anomaly Detection for IoT Data in Hierarchical Edge Computing [71.86955275376604]
We propose an adaptive anomaly detection approach for hierarchical edge computing (HEC) systems to solve this problem.
We design an adaptive scheme to select one of the models based on the contextual information extracted from input data, to perform anomaly detection.
We evaluate our proposed approach using a real IoT dataset, and demonstrate that it reduces detection delay by 84% while maintaining almost the same accuracy as compared to offloading detection tasks to the cloud.
arXiv Detail & Related papers (2020-01-10T05:29:17Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.