The Synthesis Company of San Francisco Mountain Logo

Abstract

The weaknesses of Internet of Things (IoT) devices leads to vulnerabilities easily, which can be exploited by criminals to launch Distributed Denial-of-Service (DDoS) attacks, becoming a major security hazard. Nowadays, the rapid development of the IoT makes the IoT-based DDoS attacks have the characteristics of wide distribution, large scale, and more stealthy that brings greater challenges for the DDoS detection. In this article, we conduct our research based on the edge side of IoT for providing earlier detection capability and more efficient resource utilization. We propose a novel reinforcement learning-based collaborative DDoS detection method and design a lightweight unsupervised classifier based on statistics. We deploy the classifiers in IoT edge gateways to detect anomalies by analyzing network traffic features in time. In order to deal with the dynamic changes of the IoT environment, we use the soft actor–critic (SAC) reinforcement learning model deployed on the edge server to adjust the parameter configuration of the underlying unsupervised classifier dynamically, which can ensure excellent detection effect for different types of IoT devices. In addition, a collaborative aggregation module is designed in the edge server to share the observation state and historical experience, which has a unique collaborative reward mechanism for the reinforcement learning model to fully mobilize the collaborative work capability. The experiments on public data set and constructed real-world testbed demonstrate that our proposed method has excellent detection performance and especially it can also discover stealthy IoT-based DDoS attacks accurately.

A Collaborative Stealthy DDoS Detection Method Based on Reinforcement Learning at the Edge of Internet of Things

Citations Over TimeTop 10% of 2023 papers

Abstract

Related Papers