TY - GEN
T1 - Examining the security of DDoS detection systems in software defined networks
AU - Abusnaina, Ahmed
AU - Yuksel, Murat
AU - Nyang, Dae Hun
AU - Mohaisen, Aziz
N1 - Funding Information:
Acknowledgement. This work is supported in part by NVIDIA GPU Grant, NRF-2016K1A1A2912757, and NSF awards 1647189, 1814086, and 1643207.
Funding Information:
This work investigated the robustness of DL-based DDoS defenses in SDN against adversarial attacks. Flow-Merge utilizes a weighted merging technique over ratio-based features to craft the AEs. The evaluation results show a misclassification rate of 99.84% using generic adversarial attacks. Moreover, Flow-Merge produces realistic adversarial flows for targeted misclassification with a success rate of 100%, misclassifying all malicious flows into benign. The extended version of this work can be found in [2]. Acknowledgement. This work is supported in part by NVIDIA GPU Grant, NRF-2016K1A1A2912757, and NSF awards 1647189, 1814086, and 1643207.
Publisher Copyright:
© 2019 held by the owner/author(s).
PY - 2019/12/9
Y1 - 2019/12/9
N2 - With the rapid development of Software-Defined Networking (SDN) advocating a centralized view of networks, efficient and reliable Distributed Denial of Service (DDoS) defenses are necessary to protect the centralized SDN controller. In this work, we explore the robustness of DL-based DDoS defenses in SDN against adversarial learning attacks. First, we investigate generic off-the-shelf adversarial attacks to test the robustness of DDoS defenses in SDN. Then, we propose Flow-Merge for realistic adversarial flows while achieving a high evasion rate. The evaluation shows that the proposed Flow-Merge is able to force the DL-based DDoS defenses to misclassify 100% of benign flows as malicious.
AB - With the rapid development of Software-Defined Networking (SDN) advocating a centralized view of networks, efficient and reliable Distributed Denial of Service (DDoS) defenses are necessary to protect the centralized SDN controller. In this work, we explore the robustness of DL-based DDoS defenses in SDN against adversarial learning attacks. First, we investigate generic off-the-shelf adversarial attacks to test the robustness of DDoS defenses in SDN. Then, we propose Flow-Merge for realistic adversarial flows while achieving a high evasion rate. The evaluation shows that the proposed Flow-Merge is able to force the DL-based DDoS defenses to misclassify 100% of benign flows as malicious.
KW - Adversarial Attacks
KW - Deep Learning
KW - Distributed Denial of Service
KW - Intrusion Detection
UR - http://www.scopus.com/inward/record.url?scp=85077961871&partnerID=8YFLogxK
U2 - 10.1145/3360468.3368174
DO - 10.1145/3360468.3368174
M3 - Conference contribution
AN - SCOPUS:85077961871
T3 - CoNEXT 2019 Companion - Proceedings of the 15th International Conference on Emerging Networking EXperiments and Technologies, Part of CoNEXT 2019
SP - 49
EP - 50
BT - CoNEXT 2019 Companion - Proceedings of the 15th International Conference on Emerging Networking EXperiments and Technologies, Part of CoNEXT 2019
PB - Association for Computing Machinery, Inc
T2 - 15th International Conference on Emerging Networking EXperiments and Technologies, CoNEXT 2019 - Part of CoNEXT 2019
Y2 - 9 December 2019 through 12 December 2019
ER -