Digital Twin-Enabled Intelligent DDoS Detection Mechanism for Autonomous Core Networks

Yigit, Yagmur; Bal, Bahadir; Karameseoglu, Aytac; Canberk, Berk

doi:10.1109/mcomstd.0001.2100022

Cited by 28 publications

(6 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Simulations validate the advantages of the designed stacked model for real-time intrusion detection. Considering the autonomous core networks, Yigit et al [86] present a digital twin-assisted DDoS detection scheme through an online learning approach. Xiao et al [87] investigate a digital twin-based security framework to protect the smart home system.…”

Section: Intrusion Detection and Situational Awareness In Iodtmentioning

confidence: 99%

A Survey on Digital Twins: Architecture, Enabling Technologies, Security and Privacy, and Future Prospects

Wang

Zhou

Guo

et al. 2023

IEEE Internet Things J.

View full text Add to dashboard Cite

By interacting, synchronizing, and cooperating with its physical counterpart in real time, digital twin is promised to promote an intelligent, predictive, and optimized modern city. Via interconnecting massive physical entities and their virtual twins with inter-twin and intra-twin communications, the Internet of digital twins (IoDT) enables free data exchange, dynamic mission cooperation, and efficient information aggregation for composite insights across vast physical/virtual entities. However, as IoDT incorporates various cutting-edge technologies to spawn the new ecology, severe known/unknown security flaws and privacy invasions of IoDT hinders its wide deployment. Besides, the intrinsic characteristics of IoDT such as decentralized structure, information-centric routing and semantic communications entail critical challenges for security service provisioning in IoDT. To this end, this paper presents an in-depth review of the IoDT with respect to system architecture, enabling technologies, and security/privacy issues. Specifically, we first explore a novel distributed IoDT architecture with cyber-physical interactions and discuss its key characteristics and communication modes. Afterward, we investigate the taxonomy of security and privacy threats in IoDT, discuss the key research challenges, and review the state-of-the-art defense approaches. Finally, we point out the new trends and open research directions related to IoDT.

show abstract

Section: Intrusion Detection and Situational Awareness In Iodtmentioning

confidence: 99%

A Survey on Digital Twins: Architecture, Enabling Technologies, Security and Privacy, and Future Prospects

Wang

Zhou

Guo

et al. 2023

IEEE Internet Things J.

View full text Add to dashboard Cite

show abstract

“…In another context, Yigit et al [44] present a digital twin-enabled framework aimed at Distributed denial of service (DDoS) attack detection for autonomous core networks. Since existing DDoS solutions are insufficient for data centers and edge networks in terms of scalability, detection rates, and latency, the authors develop an online ML-based algorithm for effective DDoS detection.…”

Section: Digital Twins For Core Networkmentioning

confidence: 99%

“…The capabilities of a GraphNDT to analyze system states over time can be leveraged for predictive maintenance, including predicting failure points, tracing back to root causes, and making maintenance decisions [28,31,43,44]. By providing two-way communication, an NDT not only allows synchronizing the digital twin with the actual network infrastructure, but also provides a means to apply remote reconfiguration, simulate potential changes or maintenance activities, and validate their impact on network performance.…”

Section: Predictive Maintenancementioning

confidence: 99%

Empowering Digital Twin for Future Networks with Graph Neural Networks: Overview, Enabling Technologies, Challenges, and Opportunities

Ngo,

Aouedi,

Piamrat

et al. 2023

Future Internet

View full text Add to dashboard Cite

As the complexity and scale of modern networks continue to grow, the need for efficient, secure management, and optimization becomes increasingly vital. Digital twin (DT) technology has emerged as a promising approach to address these challenges by providing a virtual representation of the physical network, enabling analysis, diagnosis, emulation, and control. The emergence of Software-defined network (SDN) has facilitated a holistic view of the network topology, enabling the use of Graph neural network (GNN) as a data-driven technique to solve diverse problems in future networks. This survey explores the intersection of GNNs and Network digital twins (NDTs), providing an overview of their applications, enabling technologies, challenges, and opportunities. We discuss how GNNs and NDTs can be leveraged to improve network performance, optimize routing, enable network slicing, and enhance security in future networks. Additionally, we highlight certain advantages of incorporating GNNs into NDTs and present two case studies. Finally, we address the key challenges and promising directions in the field, aiming to inspire further advancements and foster innovation in GNN-based NDTs for future networks.

show abstract

“…Te frst one is known as "network-level fooding," when TCP, UDP, ICMP, and DNS packets are used to overload intended clients' network capabilities and resources. Whereas, the second protocol level is referred to as "application-level DDoS fooding" which is typically done on an HTTP web page when attacks are launched to deplete server resources such as sockets, CPU, ports, memory, databases, and input/output bandwidth [6]. Regarding the rapid growth and the harm caused by DDoS attacks, several kinds of research have been conducted on these attacks, and various approaches have been presented in the literature to prevent these attacks using fog computing [7,8].…”

Section: Introductionmentioning

confidence: 99%

Toward a Real-Time TCP SYN Flood DDoS Mitigation Using Adaptive Neuro-Fuzzy Classifier and SDN Assistance in Fog Computing

Bensaid,

Labraoui,

Abba Ari

et al. 2024

Security and Communication Networks

View full text Add to dashboard Cite

The growth of the Internet of Things (IoT) has recently impacted our daily lives in many ways. As a result, a massive volume of data are generated and need to be processed in a short period of time. Therefore, a combination of computing models such as cloud computing is necessary. The main disadvantage of the cloud platform is its high latency due to the centralized mainframe. Fortunately, a distributed paradigm known as fog computing has emerged to overcome this problem, offering cloud services with low latency and high-access bandwidth to support many IoT application scenarios. However, attacks against fog servers can take many forms, such as distributed denial of service (DDoS) attacks that severely affect the reliability and availability of fog services. To address these challenges, we propose mitigation of fog computing-based SYN Flood DDoS attacks using an adaptive neuro-fuzzy inference system (ANFIS) and software defined networking (SDN) assistance (FASA). The simulation results show that the FASA system outperforms other algorithms in terms of accuracy, precision, recall, and F1-score. This shows how crucial our system is for detecting and mitigating TCP-SYN floods and DDoS attacks.

show abstract

Digital Twin-Enabled Intelligent DDoS Detection Mechanism for Autonomous Core Networks

Cited by 28 publications

References 9 publications

A Survey on Digital Twins: Architecture, Enabling Technologies, Security and Privacy, and Future Prospects

A Survey on Digital Twins: Architecture, Enabling Technologies, Security and Privacy, and Future Prospects

Empowering Digital Twin for Future Networks with Graph Neural Networks: Overview, Enabling Technologies, Challenges, and Opportunities

Toward a Real-Time TCP SYN Flood DDoS Mitigation Using Adaptive Neuro-Fuzzy Classifier and SDN Assistance in Fog Computing

Contact Info

Product

Resources

About