INSPIRE-5Gplus developments published in top-ranked journal
The INSPIRE-5Gplus-related paper entitled “Distributed real-time SlowDoS attacks detection over encrypted traffic using Artificial Intelligence” has been recently published in the prestigious Elsevier’s Journal of Network and Computer Applications.
This research focuses on Slow Denial of Service (SlowDos) attacks, which exploit slow transmissions on application-level protocols like HTTP to carry out denial of service against web-servers. These attacks are difficult to be detected with traditional signature-based intrusion detection approaches, even more when the HTTP traffic is encrypted. To cope with this challenge, this paper describes and AI-based anomaly detection system for real-time detection of SlowDoS attacks over application-level encrypted traffic.
The presented system monitors in real-time the network traffic, analyzing, processing, and aggregating packets into conversation flows, getting valuable features and statistics that are dynamically analyzed in streaming for AI-based anomaly detection. The distributed AI model combines clustering analysis for anomaly detection, along with deep learning techniques to increase detection accuracy in those cases where clustering obtains ambiguous probabilities. The proposal has been implemented and validated in a real testbed, showing its feasibility, performance and accuracy for detecting in real-time different kinds of SlowDoS attacks over encrypted traffic. The presented results are close to the optimal precision value with a success rate 98%, while the false negative rate takes a value below 0.5%.
Further information: https://doi.org/10.1016/j.jnca.2020.102871