Measurement Based Evaluation and Mitigation of Flood Attacks on a LAN Test-Bed

Title: Measurement Based Evaluation and Mitigation of Flood Attacks on a LAN Test-Bed
Publication Type: Conference Paper
Year of Publication: In Press
Authors: Nasereddin M, Nakip M, Gelenbe E
Conference Name: The 48th IEEE Conference on Local Computer Networks
Publisher: IEEE
Conference Location: Daytona Beach, Florida, USA
Keywords: Cybersecurity, Internet of Things, Intrusion Detection and Mitigation, Local Area Networks, UDP Flood Attacks
Abstract

The IoT's vulnerability to network attacks has motivated the design of intrusion detection schemes (IDS) using Machine Learning (ML), with a low computational cost for online detection but intensive offline learning. Such IDS can have high attack detection accuracy and are easily installed on servers that communicate with IoT devices. However, they are seldom evaluated in realistic operational conditions where IDS processing may be held up by the system overload created by attacks. Thus we first present an experimental study of UDP Flood Attacks on a Local Area Network Test-Bed, where the first line of defence is an accurate IDS using an Auto-Associative Dense Random Neural Network. The experiments reveal that during severe attacks, the packet and protocol management software overloads the multi-core server, and paralyses IDS detection. We therefore propose and experimentally evaluate an IDS design where decisions are made from a very small number of incoming packets, so that attacking traffic is dropped within milli-seconds after an attack begins and the paralysing effect of congestion is avoided.

DOI: 10.48550/arXiv.2305.10565

Change history

Last updated: 17/07/2023 - 10:32; changed by: Mert Nakip (mnakip@iitis.pl)