Smart Defender: um sistema de detecção e mitigação de ataques DoS/DDoS usando aprendizagem de máquina
Denial of Service Attack (DoS) and its distributed variant (DDoS) represent one of the most significant risks to the availability of services operating on the Internet. This cyber threat continues to grow worldwide and is detrimental even with the advancement of network protection technologies. De...
Na minha lista:
Autor principal: | |
---|---|
Outros Autores: | |
Formato: | doctoralThesis |
Idioma: | pt_BR |
Publicado em: |
Brasil
|
Assuntos: | |
Endereço do item: | https://repositorio.ufrn.br/jspui/handle/123456789/28470 |
Tags: |
Adicionar Tag
Sem tags, seja o primeiro a adicionar uma tag!
|
Resumo: | Denial of Service Attack (DoS) and its distributed variant (DDoS) represent one of
the most significant risks to the availability of services operating on the Internet. This cyber threat continues to grow worldwide and is detrimental even with the advancement of
network protection technologies. Developing mechanisms that can detect and mitigate the
impacts of malicious traffic generated by DDoS attacks is a current challenge in network
security, with a direct impact on the lives of the world’s population. This work proposes
the Smart Defender system as an approach to reduce the impact of these attacks. This
system consists of two tools, Smart Detection (SD) and Smart Protection (SP), which
operate in an integrated and distributed manner. The proposed detection system makes
decisions based on pre-existing signatures using Machine Learning (ML) techniques to
classify network traffic. The protection system enforces rules to control unwanted traffic
and mitigate the effects of DDoS, given the information shared by the detection system
and the security policy of the local network. In the experiments performed, modern reference data sets and controlled laboratory tests were used. The results show that the proposed solution is capable of early detection of high hit rate and low false alarm rate DDoS attacks, as well as isolating the threat in the first minute of attack. |
---|