A Method for Deploying Distributed Denial of Service Attack Defense Strategies on Edge Servers Using Reinforcement Learning

Cloud-based filtering, as the most commonly used distributed denial of service attack mitigation method in the industry, has flaws that can cause privacy leaks and delays like other cloud applications. A new DDoS mitigation method which moving cloud filtering services to edge servers is proposed in...

Full description

Saved in:
Bibliographic Details
Published in:IEEE access 2020, Vol.8, p.78482-78491
Main Authors: Zhang, Haodi, Hao, Jianye, Li, Xiaohong
Format: Article
Language:English
Subjects:
Cloud computing
Computer crime
Computing time
Delays
Denial of service attacks
distributed denial of service attack
Edge computing
Filtration
graph convolutional network
Graph neural networks
Inspection
Learning
reinforcement learning
Resource management
Servers
Traffic delay
Traffic information
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Cloud-based filtering, as the most commonly used distributed denial of service attack mitigation method in the industry, has flaws that can cause privacy leaks and delays like other cloud applications. A new DDoS mitigation method which moving cloud filtering services to edge servers is proposed in this paper. In this method, the edge servers are deployed at various router locations and run classifiers to filter the traffic passing through. For cutting attack traffic, reserving user traffic and reducing inspection delays, a novel deep reinforcement learning framework is developed to balance the deployment of computing resource and tasks allocation, in which graph neural network used to coding the network structure information transformation as vector, and the traffic information to input into Q-Network to obtain the best allocation results. The simulation experiments show that our method has advantages in optimizing effects and computing time compared with other deployment methods.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2020.2989353