Litcius/Paper detail

RL-Shield: Mitigating Target Link-Flooding Attacks Using SDN and Deep Reinforcement Learning Routing Algorithm

Amir Rezapour, Wen-Guey Tzeng

2021IEEE Transactions on Dependable and Secure Computing31 citationsDOI

Abstract

Link-flooding attacks (LFAs) are a new type of distributed denial-of-service (DDoS) attacks that can substantially damage network connectivity. LFAs flows are seemingly legitimate at the origin. But their cumulative volume at critical links causes congestion. We propose RL-Shield, a reinforcement learning based defense system against LFAs. It mitigates LFAs and, at the same time, effectively forwards data traffic in the network. RL-Shield introduces a new detection algorithm for monitoring IP behaviors using the Dirichlet distribution and Bayesian statistics. It monitors the interplay of LFAs and traffic engineering and identifies source IPs that persistently react to re-routing events. The detection algorithm controls two reinforcement learning based routing algorithms that use a hop-by-hop technique to connect related node pairs.We evaluate RL-Shield on various network topologies by simulating several attack strategies. The simulation results demonstrate the effectiveness and high-accuracy of RL-Shield.

Topics & Concepts

Denial-of-service attackComputer scienceReinforcement learningFlooding (psychology)Computer networkNetwork topologyDistributed computingAlgorithmArtificial intelligenceThe InternetPsychologyPsychotherapistWorld Wide WebSoftware-Defined Networks and 5GNetwork Security and Intrusion DetectionInternet Traffic Analysis and Secure E-voting
RL-Shield: Mitigating Target Link-Flooding Attacks Using SDN and Deep Reinforcement Learning Routing Algorithm | Litcius