Abstract
Networking equipment that connects households to an operator network, such as home gateways and routers, are major victims of cyber-attacks, being exposed to a number of threats, from misappropriation of user accounts by malicious agents to access to personal information and data, threatening users’ privacy and security. The exposure surface to threats is even wider when the growing ecosystem of Internet-of-Things devices is considered. Thus, it is beneficial for the operator and customer that a security service is provided to protect this ecosystem. The service should be tailored to the particular needs and Internet usage profile of the customer network. For this purpose, Machine Learning methods can be explored to learn typical behaviours and identify anomalies. In this paper, we present preliminary insights into the architecture and mechanisms of a security service offered by an Internet Service Provider. We focus on Distributed Denial-of-Service kind of attacks and define the system requirements. Finally, we analyse the trade-offs of distributing the service between operator equipment deployed at the customer premises and cloud-hosted servers.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Dehkordi, A.B., Soltanaghaei, M., Boroujeni, F.Z.: The DDoS attacks detection through machine learning and statistical methods in SDN. J. Supercomput. 77, 1–33 (2020). https://doi.org/10.1007/s11227-020-03323-w
Doshi, R., Apthorpe, N., Feamster, N.: Machine learning DDoS detection for consumer internet of things devices. In: 2018 IEEE Security and Privacy Workshops (SPW), San Francisco, CA, pp. 29–35. IEEE, May 2018. https://doi.org/10.1109/SPW.2018.00013
Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on IoT security: application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019). https://doi.org/10.1109/ACCESS.2019.2924045
Hwang, R.H., Lin, P.C., Nguyen, V.L.: An unsupervised deep learning model for early network traffic anomaly detection. IEEE Access 8, 13 (2020)
Hwang, R.H., Peng, M.C., Nguyen, V.L., Chang, Y.L.: An LSTM-based deep learning approach for classifying malicious traffic at the packet level. Appl. Sci. 9(16), 3414 (2019). https://doi.org/10.3390/app9163414
Konečný, J., McMahan, H.B., Yu, F.X., Richtárik, P., Suresh, A.T., Bacon, D.: Federated Learning: Strategies for Improving Communication Efficiency. arXiv:1610.05492 [cs], October 2017
Kwon, D., Kim, H., Kim, J., Suh, S.C., Kim, I., Kim, K.J.: A survey of deep learning-based network anomaly detection. Clust. Comput. 22(1), 949–961 (2017). https://doi.org/10.1007/s10586-017-1117-8
McMahan, H.B., Moore, E., Ramage, D., Hampson, S., Arcas, B.A.: Communication-Efficient Learning of Deep Networks from Decentralized Data. arXiv:1602.05629 [cs], February 2017
Perez-Diaz, J.A., Valdovinos, I.A., Choo, K.K.R., Zhu, D.: A flexible SDN-based architecture for identifying and mitigating low-rate DDoS attacks using machine learning. IEEE Access 8, 155859–155872 (2020). https://doi.org/10.1109/ACCESS.2020.3019330
Santos, R., Souza, D., Santo, W., Ribeiro, A., Moreno, E.: Machine learning algorithms to detect DDoS attacks in SDN. Concurr. Comput. Pract. Exp. 32(16), e5402 (2020). https://doi.org/10.1002/cpe.5402
Tahsien, S.M., Karimipour, H., Spachos, P.: Machine learning based solutions for security of internet of things (IoT): a survey. J. Netw. Comput. Appl. 161, 102630 (2020). https://doi.org/10.1016/j.jnca.2020.102630
Yuan, X., Li, C., Li, X.: DeepDefense: identifying DDoS attack via deep learning. In: 2017 IEEE International Conference on Smart Computing (SMARTCOMP), Hong Kong, China, pp. 1–8. IEEE, May 2017. https://doi.org/10.1109/SMARTCOMP.2017.7946998
Zhuang, F., et al.: A comprehensive survey on transfer learning. Proc. IEEE 109(1), 43–76 (2021). https://doi.org/10.1109/JPROC.2020.3004555
Acknowledgements
This work was partially supported by National Funds through FCT/MCTES (Portuguese Foundation for Science and Technology), within the CISTER Research Unit (UIDB/04234/2020), and by the Portuguese National Innovation Agency (ANI) through the Operational Competitiveness Programme and Internationalization (COMPETE 2020) under the PT2020 Partnership Agreement, through the European Regional Development Fund (ERDF), within project(s) grant nr. 69522, POCI-01-0247-FEDER-069522 (MIRAI).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 IFIP International Federation for Information Processing
About this paper
Cite this paper
Santos, P.M. et al. (2021). Towards a Distributed Learning Architecture for Securing ISP Home Customers. In: Maglogiannis, I., Macintyre, J., Iliadis, L. (eds) Artificial Intelligence Applications and Innovations. AIAI 2021 IFIP WG 12.5 International Workshops. AIAI 2021. IFIP Advances in Information and Communication Technology, vol 628. Springer, Cham. https://doi.org/10.1007/978-3-030-79157-5_26
Download citation
DOI: https://doi.org/10.1007/978-3-030-79157-5_26
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-79156-8
Online ISBN: 978-3-030-79157-5
eBook Packages: Computer ScienceComputer Science (R0)