簡易檢索 / 詳目顯示

研究生: 黃予晴
Yu-Ching Huang
論文名稱: 生成對抗網路之產生鏈結洪泛攻擊
A Generative Adversarial Network to Generate Link Flooding Attacks
指導教授: 賴源正
Yuan-Cheng Lai
口試委員: 查士朝
Shi-Cho Cha
陳彥宏
Yen-Hung Chen
學位類別: 碩士
Master
系所名稱: 管理學院 - 資訊管理系
Department of Information Management
論文出版年: 2020
畢業學年度: 108
語文別: 英文
論文頁數: 32
中文關鍵詞: 鏈結洪泛攻擊生成對抗網路深度學習
外文關鍵詞: Link Flooding Attack, Generative Adversarial Network, deep learning
相關次數: 點閱:1110下載:0
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

鏈結洪泛攻擊(Link Flooding Attack, LFA)主要以目標區域內的多台伺服器作為目標,此攻擊會堵塞目標鏈結—目標區域與外部區域間的鏈結,因為利用低速且大量的流量來偽裝成正常流量,而造成偵測不易。為了設計出良好的LFA防禦機制,必需有多元且完整之攻擊。以往LFA使用的攻擊方式有兩種,一種是佈署機器人在不斷地互相傳輸流量;另一種是調整拓樸中目標鏈結的使用率,模擬被攻擊時使用率提高的狀況,然而這些方法極需仰賴設計者自身的豐富經驗。
為了提供LFA防禦系統更符合的攻擊型態,本研究提出了一種針對LFA的產生方法DLAG (Deep Learning Attack Generator),其運用深度學習中的生成對抗網路架構(Generative Adversarial Network, GAN),並使用卷積神經網路(Convolutional Nerual Network, CNN)及長短期記憶演算法(Long Short-Term Memory, LSTM),分別降低計算的維度及產生出具有時間序列的LFA,產生出的攻擊會自動找出防禦機制的脆弱處,盡可能避開被偵測到之可能性。實驗結果顯示DLAG 在有8條目標鏈結的拓樸下,能夠產生出避開防禦機制的攻擊流量可達92.45%,大幅優於模糊測試中隨機攻擊之20.35%,且不論多少數量的目標鏈結,DLAG都能保持90%以上的避開機率。


Link Flooding Attack (LFA) will not only attack one server but a target area, which include several servers. By sending large-volume, stealthy and low-rate traffic to flood target links, which are the important links connect between target area and outside servers. As disguise normal traffic, LFA is hard to detect. In order to design a better LFA defense model, there should be multiple attack for testing. Simulation LFA are concluded in two types, one is to use bots sending traffic constantly, another is to adjust utizilation of target links to simulation the links are attacked. However, those ways need much experience of the designers.
In order to provide LFA defense model a more correspondant attack simualation, Deep Learning Attack Generator (DLAG) is the model in connection with generating LFA. The structure of DLAG is Generative Adversarial Network(GAN), and conclude Convolutional Nerual Network (CNN) and Long Short-Term Memory (LSTM), the former is to lower dimension in caculating, the latter is to generate LFA with time sequence, which may find the vulnerability in defense model, and bypass the target links may be detected.
The result is shown that in the topology with eight target links, the bypassing rate in DLAG is up to 92.45%, and this is better than fuzz testing 20.35%, which attack randomly. Moreover, no matter how many target links are there in the topology, the bypassing rate in DLAG may keep as 90%.

摘要 I Abstract II List of Tables IV List of Figures V Chapter 1 Introduction 1 Chapter 2 Related Work 4 2.1 Link Flooding Attacks simulation method 4 2.2 Introduction of Generative Adversarial Network (GAN) 6 2.3 Introduction of Convolutional Neural Network (CNN) 6 2.4 Introduction of Long Short-term Memory (LSTM) 7 Chapter 3 System Model and Problem Statement 9 3.1 Used notations 9 3.2 System model 10 3.3 Problem statement 11 Chapter 4 Design of DLAG model 12 4.1 Concept of DLAG model 12 4.2 Why CNN in DLAG 13 4.3 DLAG model: discriminator 14 4.4 DLAG model: generator 15 Chapter 5 Environment Setup and Performance Evaluation 16 5.1 Scenario and parameter 16 5.2 Performance metrics 18 5.3 The effects of the number of convolution layers 19 5.4 The effects of the number of target links 20 Chapter 6 Conclusion and Future Work 22 References 23

[1]J. Zheng, Q. Li, G. Gu, J. Cao, D. K. Y. Yau, and J. Wu, "Realtime DDoS Defense Using COTS SDN Switches via Adaptive Correlation Analysis," IEEE Transactions on Information Forensics and Security, vol. 13, no. 7, pp. 1838-1853, 2018.
[2]A. Aydeger, N. Saputro, K. Akkaya, and M. Rahman, "Mitigating Crossfire Attacks Using SDN-Based Moving Target Defense," in 2016 IEEE 41st Conference on Local Computer Networks (LCN), 2016, pp. 627-630.
[3]M. Aamir and M. Arif, “Study and Performance Evaluation on Recent DDoS Trends of Attack & Defense,” International Journal of Information Technology and Computer Science, vol. 5, no. 8, pp. 54-65, 2013.
[4]C. Liaskos and S. Ioannidis, “Network Topology Effects on the Detectability of Crossfire Attacks,” IEEE Transactions on Information Forensics and Security, vol. 13, no. 7, pp. 1682-1695, 2018.
[5]M. S. Kang, S. B. Lee, and V. D. Gligor, “The Crossfire Attack,” IEEE Symposium on Security and Privacy, pp. 127-141, 2013.
[6]W. Lei, L. Qing, J. Yong, and W. Jianping, "Towards mitigating Link Flooding Attack via incremental SDN deployment," in 2016 IEEE Symposium on Computers and Communication (ISCC), 2016, pp. 397-402.
[7]T. Hirayama, K. Toyoda, and I. Sasase, "Fast target link flooding attack detection scheme by analyzing traceroute packets flow," in 2015 IEEE International Workshop on Information Forensics and Security (WIFS), 2015, pp. 1-6.
[8]K. Sakuma, H. Asahina, S. Haruta, and I. Sasase, "Traceroute-based target link flooding attack detection scheme by analyzing hop count to the destination," in 2017 23rd Asia-Pacific Conference on Communications (APCC), 2017, pp. 1-6.
[9]J. Wang, R. Wen, J. Li, F. Yan, B. Zhao, and F. Yu, "Detecting and Mitigating Target Link-Flooding Attacks Using SDN," IEEE Transactions on Dependable and Secure Computing, pp. 1-1, 2018.
[10]L. Xue, X. Ma, X. Luo, E. W. W. Chan, T. T. N. Miu and G. Gu, "LinkScope: Toward Detecting Target Link Flooding Attacks," in IEEE Transactions on Information Forensics and Security, vol. 13, no. 10, pp. 2423-2438, Oct. 2018
[11]C. Liaskos, V. Kotronis, and X. Dimitropoulos, "A novel framework for modeling and mitigating distributed link flooding attacks," in IEEE INFOCOM 2016 - The 35th Annual IEEE International Conference on Computer Communications, 2016, pp. 1-9
[12]R. U. Rasool, U. Ashraf, K. Ahmed, H. Wang, W. Rafique, and Z. Anwar, "Cyberpulse: A Machine Learning Based Link Flooding Attack Mitigation System for Software Defined Networks," IEEE Access, vol. 7, pp. 34885-34899, 2019.
[13]Y. Luan and S. Lin, "Research on Text Classification Based on CNN and LSTM," 2019 IEEE International Conference on Artificial Intelligence and Computer Applications (ICAICA), Dalian, China, 2019, pp. 352-355, doi: 10.1109/ICAICA.2019.8873454.
[14]https://en.wikipedia.org/wiki/Fuzzing

無法下載圖示 全文公開日期 2025/08/21 (校內網路)
全文公開日期 本全文未授權公開 (校外網路)
全文公開日期 本全文未授權公開 (國家圖書館:臺灣博碩士論文系統)
QR CODE