An intelligent, distributed and collaborative DDoS defense system

Liang, Xiaoyu (2021) An intelligent, distributed and collaborative DDoS defense system. Doctoral Dissertation, University of Pittsburgh. (Unpublished)

This is the latest version of this item.

Abstract

The Distributed Denial-of-Service (DDoS) attack is known as one of the most destructive attacks on the Internet. New computing paradigms, such as cloud and mobile computing, and pervasive technologies, such as the Internet of Things, make services and applications available to everyone. At the same time, these technologies help attackers exploit vulnerabilities and deploy attacks more efficiently. Recent network security reports show that DDoS attacks have been growing dramatically in volume, frequency, sophistication and impact, making them one of the most challenging threats on the Internet. Unfortunately, remediation strategies have fallen behind attackers. The severe impact of recent DDoS attacks strongly indicates the need for an effective DDoS defense system.

We study the existing solution space and summarize three fundamental requirements for an effective DDoS defense system: 1) accurate detection with minimal false alarms; 2) effective inline inspection and instant mitigation; and 3) a dynamic, distributed and collaborative defense infrastructure. This thesis aims to provide a defense system that fulfills all of these requirements.

In this thesis, we explore and address the problem from three directions: 1) we strive to understand the existing detection strategies and provide a survey of an empirical analysis of machine-learning-based detection techniques; 2) we develop a novel hybrid detection model that ensembles a deep learning model for practical flow-by-flow detection with a classic machine learning model that is aware of the network status; and 3) we present the design and implementation of an intelligent, distributed and collaborative DDoS defense system that effectively mitigates the impact of DDoS attacks. The performance evaluation results show that our proposed defense system is capable of effectively mitigating the impact of DDoS attacks while causing only limited disturbance to legitimate services.


Details

Item Type: University of Pittsburgh ETD
Status: Unpublished
Creators/Authors:
Creators | Email | Pitt Username | ORCID
Liang, Xiaoyu | xil160@pitt.edu | xil160 | 0000-0003-1035-6273
ETD Committee:
Title | Member | Email Address | Pitt Username | ORCID
Committee Chair | Taieb, Znati | znati@cs.pitt.edu | |
Committee Member | Zhang, Youtao | zhangyt@cs.pitt.edu | |
Committee Member | Hauskrecht, Milos | milos@cs.pitt.edu | |
Committee Member | Joshi, James | jjoshi@pitt.edu | |
Date: 8 September 2021
Date Type: Publication
Defense Date: 25 May 2021
Approval Date: 8 September 2021
Submission Date: 31 July 2021
Access Restriction: No restriction; Release the ETD for access worldwide immediately.
Number of Pages: 102
Institution: University of Pittsburgh
Schools and Programs: School of Computing and Information > Computer Science
Degree: PhD - Doctor of Philosophy
Thesis Type: Doctoral Dissertation
Refereed: Yes
Uncontrolled Keywords: DDoS defense, LSTM, distributed defense system, deep learning DDoS detection
Additional Information: revised v3 for title of Figure 8
Date Deposited: 08 Sep 2021 13:22
Last Modified: 08 Sep 2021 13:22
URI: http://d-scholarship.pitt.edu/id/eprint/41758
