An Amplification DDoS Attack Defence Mechanism using Reinforcement Learning

Amplification distributed denial of service attacks constitute a rapidly evolving threat in the current Internet, which is difficult to be defended for its camouflage and distributability. Inspired by recent advances in AI, we consider building an intelligent model that learn to defend amplification attacks directly from traffic. Specifically, we design a novel traffic throttling model using reinforcement learning, and the reinforcement learning agent makes the traffic throttling strategy by receiving traffic data. The reward of the model is calculated based on the proportion of the legitimate traffic transmitted, and the action is considered while evaluating the payload of the network. The results of experiments show that the RL method converges quickly and can effectively identify and discard attack traffic after a period training. Furthermore, we compare our proposed approach against a baseline and a conventional port-based approach and we show the superiority of our approach.

Ҳали таржима қилинмаган