Proceedings Article
Reinforcement Learning for Attack Mitigation in SDN-enabled Networks
Mikhail Zolotukhin, Sanjay Kumar, Timo Hämäläinen +2 more
- pp 282-286
TL;DR: An intelligent defense system implemented as a reinforcement machine learning agent that processes current network state and takes a set of necessary actions in form of software-defined networking flows to redirect certain network traffic to virtual appliances is proposed.
Abstract:
With the recent progress in the development of low-budget sensors and machine-to-machine communication, the Internet-of-Things has attracted considerable attention. Unfortunately, many of today's smart devices are rushed to market with little consideration for basic security and privacy protection making them easy targets for various attacks. Unfortunately, organizations and network providers use mostly manual workflows to address malware-related incidents and therefore they are able to prevent neither attack damage nor potential attacks in the future. Thus, there is a need for a defense system that would not only detect an intrusion on time, but also would make the most optimal real-time crisis-action decision on how the network security policy should be modified in order to mitigate the threat. In this study, we are aiming to reach this goal relying on advanced technologies that have recently emerged in the area of cloud computing and network virtualization. We are proposing an intelligent defense system implemented as a reinforcement machine learning agent that processes current network state and takes a set of necessary actions in form of software-defined networking flows to redirect certain network traffic to virtual appliances. We also implement a proof-of-concept of the system and evaluate a couple of state-of-art reinforcement learning algorithms for mitigating three basic network attacks against a small realistic network environment.
Citations
Journal Article
Machine learning techniques in emerging cloud computing integrated paradigms: A survey and taxonomy
Dinesh Soni, Neetesh Kumar +1 more
TL;DR: A detailed literature review of emerging cloud computing paradigms: cloud, edge, fog, mist, Internet of Things (IoT), SDN, cybertwin, and industry 4.0 is presented in this article.
Journal Article
Towards the security automation in Software Defined Networks
TL;DR: In this article, a survey of the state-of-the-art research efforts concerned with security automation in SDN environments is presented, which identifies and ranks various classes of security solutions with different levels of automation and complexity.
Journal Article
Review of Botnet Attack Detection in SDN-Enabled IoT Using Machine Learning
Worku Gachena Negera, Friedhelm Schwenker, Taye Girma Debelee, Henock Mulugeta Melaku, Yehualashet Megersa Ayano +4 more
TL;DR: In this paper, the authors investigate research studies that applied machine learning techniques for deterring botnet attacks in SDN-enabled IoT networks and discuss the performance of these techniques in detecting and mitigating botnet attacks.
Journal Article
DeepAir: Deep Reinforcement Learning for Adaptive Intrusion Response in Software-Defined Networks
Trung V. Phan, Thomas Bauschert +1 more
TL;DR: DeepAir can effectively prevent malicious packets from arriving at the victim in all considered DoS attack scenarios, and can significantly reduce the ratio of Quality-of-Service violated traffic flows compared to a $Q$-learning based approach.
Journal Article
DeepAir: Deep Reinforcement Learning for Adaptive Intrusion Response in Software-Defined Networks
TL;DR: In this paper, the authors proposed an adaptive intrusion response solution based on deep reinforcement learning, namely DeepAir, to effectively defend against cyber-attacks in Software-Defined Networks (SDN).
References
Posted Content
Proximal Policy Optimization Algorithms
TL;DR: A new family of policy gradient methods for reinforcement learning, which alternate between sampling data through interaction with the environment, and optimizing a "surrogate" objective function using stochastic gradient ascent, are proposed.
Proceedings Article
Soft Actor-Critic: Off-Policy Maximum Entropy Deep Reinforcement Learning with a Stochastic Actor
TL;DR: This paper proposes soft actor-critic, an off-policy actor-critic deep RL algorithm based on the maximum entropy reinforcement learning framework, and achieves state-of-the-art performance on a range of continuous control benchmark tasks, outperforming prior on-policy and off-policy methods.
Proceedings Article
Understanding the Mirai botnet
Manos Antonakakis, Tim April, Michael Bailey, Matthew Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, D. Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, Yi Zhou +18 more
TL;DR: It is argued that Mirai may represent a sea change in the evolutionary development of botnets--the simplicity through which devices were infected and its precipitous growth, and that novice malicious techniques can compromise enough low-end devices to threaten even some of the best-defended targets.
Proceedings Article
Rainbow: Combining Improvements in Deep Reinforcement Learning
Matteo Hessel, Joseph Modayil, Hado van Hasselt, Tom Schaul, Georg Ostrovski, Will Dabney, Dan Horgan, Bilal Piot, Mohammad Gheshlaghi Azar, David Silver +9 more
TL;DR: In this article, the authors examined six extensions to the DQN algorithm and empirically studied their combination, showing that the combination provided state-of-the-art performance on the Atari 2600 benchmark.
Proceedings Article
Enforcing network-wide policies in the presence of dynamic middlebox actions using flowtags
TL;DR: The FlowTags architecture is developed, which helps restore two key SDN tenets: bindings between packets and their "origins," and ensuring that packets follow policy-mandated paths.