5 research outputs found
Per-host DDoS mitigation by direct-control reinforcement learning
DDoS attacks plague the availability of online services today, yet like many cybersecurity problems are evolving and non-stationary. Normal and attack patterns shift as new protocols and applications are introduced, further compounded by burstiness and seasonal variation. Accordingly, it is difficult to apply machine learning-based techniques and defences in practice. Reinforcement learning (RL) may overcome this detection problem for DDoS attacks by managing and monitoring consequences; an agent’s role is to learn to optimise performance criteria (which are always available) in an online manner. We advance the state-of-the-art in RL-based DDoS mitigation by introducing two agent classes designed to act on a per-flow basis, in a protocol-agnostic manner for any network topology. This is supported by an in-depth investigation of feature suitability and empirical evaluation. Our results show the existence of flow features with high predictive power for different traffic classes, when used as a basis for feedback-loop-like control. We show that the new RL agent models can offer a significant increase in goodput of legitimate TCP traffic for many choices of host density
Multikonferenz Wirtschaftsinformatik (MKWI) 2016: Technische Universität Ilmenau, 09. - 11. März 2016; Band I
Ăśbersicht der Teilkonferenzen Band I:
• 11. Konferenz Mobilität und Digitalisierung (MMS 2016)
• Automated Process und Service Management
• Business Intelligence, Analytics und Big Data
• Computational Mobility, Transportation and Logistics
• CSCW & Social Computing
• Cyber-Physische Systeme und digitale Wertschöpfungsnetzwerke
• Digitalisierung und Privacy
• e-Commerce und e-Business
• E-Government – Informations- und Kommunikationstechnologien im öffentlichen Sektor
• E-Learning und Lern-Service-Engineering – Entwicklung, Einsatz und Evaluation technikgestützter Lehr-/Lernprozess