Paper by M.Dimolianis, D.Kalogeras, N.Kostopoulos and V.Maglaris at NETMODE of ECE-NTUA receives the Best Paper Award in the IEEE International Conference on Cloud Networking 2022

We are pleased to announce that the paper entitled DDoS Attack Detection via Privacy-aware Federated Learning and Collaborative Mitigation in Multi-domain Cyber Infrastructures” received the Best Paper Award in the IEEE International Conference on Cloud Networking that was held in Paris, France on 7-10 November 2022.

The award-winning work was performed at the Network Management & Optimal Design - NETMODE Laboratory of the School of Electrical & Computer Engineering at the National Technical University of Athens (NTUA). The paper was co-authored by Marinos Dimolianis (Doctor Eng. of NTUA, currently at GRNET), Dimitrios Kalogeras (Senior Researcher of the Institute of Computer & Communication Systems - ICCS at NTUA), Nikos Kostopoulos (Doctoral Candidate at the ECE School of NTUA) and Vasilis Maglaris (Professor Emeritus of NTUA).

This paper has been partially funded by the European Union’s Horizon H2020 Framework Programme (Grant Agreement No. 856726, GÉANT GN4-3), the Special Account for Research Funding of NTUA and the FELICE H2020 Project (Grant ID 101017151).

Short Abstract: A collaborative Intrusion Detection and Mitigation schema is presented and evaluated, that leverages on Artificial Intelligence (AI) methods to identify Distributed Denial of Service (DDoS) attack patterns against Inter-connected cyber infrastructures (e.g. federated Data-Centres, Autonomous Systems in the global Internet). Subsequently, smart data-plane programmable mechanisms are proposed to filter attack traffic in real time.

Collaborative protection mechanisms are prime candidates to defend against massive attacks but, although collaborations were instrumental in the Internet success story, this is largely not extended to multi-domain cyber security. Notably, collaborative DDoS detection is hindered by data privacy legislations, while mitigation is limited to operations of stand-alone rigid firewalls. Motivated by these shortcomings, a Federated Learning AI schema is proposed for collaborative privacy-aware DDoS detection. Coordination is orchestrated by a third trusted party that aggregates Machine Learning (ML) models proposed by collaborators based on their private attack and benign traces, without exchanging sensitive data. Attacks detected via the privacy-aware federated model are subsequently mitigated by efficient and scalable firewalls, implemented within the eXpress Data Path (XDP) data plane programmability framework. This intrusion detection and mitigation architecture was evaluated using production traffic traces in terms of packet classification accuracy and packet processing performance. It was concluded that the proposed Federated Learning framework enabled collaborators to accurately classify benign and attack packets, thereby improving individual domain accuracy. Furthermore, the data plane programmable firewalls promptly mitigated large-scale attacks in emulated federated cyber infrastructures.

The full paper is available from here.