CPSS LR-DDoS Detection and Defense in Edge Computing Utilizing DCNN Q-Learning

ZengGuang Liu, XiaoChun Yin, Yuemei Hu
2020 IEEE Access  
Existing intrusion detection and defense models for CPSS (Cyber-Physical-Social Systems) are based on analyzing the static intrusion characteristics, which cannot effectively detect large-scale Low-Rate Denial-of-Service (LR-DDoS) attacks, especially in the edge environment. In this paper, we firstly explore and enhance Mirai botnet to a sophisticated multi-targets low-rate TCP attack network, which makes edge LR-DDoS more powerful and obfuscates their activity. And then, we develop a novel
more » ... usion detection and defense hybrid method for above CPSS LR-DDoS scenario in edge environment, which takes advantage of locality sensitive features extraction and Deep Convolution Neural Network (DCNN) to auto learn the optimal features of the original data distribution and employs deep reinforcement learning Q-network as the powerful decision maker to defend attacks. The experimental results in detection phase prove the proposed method can distinguish abnormal network attack flows with higher detection accuracy and faster response time than kinds of Support Vector Machines (SVM), K-means and Surface Learning Neural Network etc. Even more, it has a certain detection rate for unknown new attacks, which means the method is effective and suitable for the actual network environment. The experimental results in defense phase prove it can defense LR-DDoS attacks smoothly. INDEX TERMS Deep convolution neural network, Q learning, deep reinforcement learning, edge computing, LR-DDoS, CPSS. This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see http://creativecommons.org/licenses/by/4.0/ VOLUME 8, 2020
doi:10.1109/access.2020.2976706 fatcat:7azagv5yw5ddlcduwuwvf6aeiu