Skip navigation

Spotting Anomalies at the Edge: Outlier Exposure-based Cross-silo Federated Learning for DDoS Detection

Distributed Denial-of-Service (DDoS) attacks are expected to continue plaguing service availability in emerging networks which rely on distributed edge clouds to offer critical, latency-sensitive applications. Edge servers increase the network attack surface, and massive numbers of connected Internet of Things (IoT) devices can be weaponized to launch DDoS attacks. Therefore, it is crucial to detect DDoS attacks early – at the network edge.

We have developed a novel Outlier Exposure (OE)-enabled cross-silo Federated Learning framework we call FedOE. It empowers the network edge with intelligent DDoS detection by learning from similarities between different data and DDoS attacks available across the edge servers. Our evaluation shows that the novel OE-based Autoencoder we propose achieves a high F1-score for most DDoS attacks, outclassing its non-OE counterpart.

Full abstract available in IEEEXplore DOI 10.1109/TDSC.2022.3224896

 

Authors

Vahid Pourahmadi – David R. Cheriton School of Computer Science, University of Waterloo, Ontario, Canada; and Department of Electrical Engineering, Amirkabir University of Technology, Tehran, Iran.

Hyame Assem Alameddine – Ericsson Security Research, Montreal, Canada.

Mohammad A. Salahuddin – David R. Cheriton School of Computer Science, University of Waterloo, Ontario, Canada

Raouf Boutaba – David R. Cheriton School of Computer Science, University of Waterloo, Ontario, Canada

 

Published in: IEEE Transactions on Dependable and Secure Computing, Volume: 20, Issue: 5, 01, Sept.-Oct. 2023

 

©2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse.

Download the paper