Efficient poisoning attacks and defenses for unlabeled data in DDoS prediction of intelligent transportation systems
College of Information Science and Technology, Donghua University, Shanghai 201620, China
2 Key Laboratory of the Ministry of Education for Embedded System and Service Computing, Department of Computer Science, Tongji University, Shanghai 201804, China
3 Shanghai Network Financial Security Collaborative Innovation Center, Tongji University, Shanghai 201804, China
* Corresponding author (email: email@example.com)
Revised: 17 February 2022
Accepted: 28 February 2022
Nowadays, large numbers of smart sensors (e.g., road-side cameras) which communicate with nearby base stations could launch distributed denial of services (DDoS) attack storms in intelligent transportation systems. DDoS attacks disable the services provided by base stations. Thus in this paper, considering the uneven communication traffic flows and privacy preserving, we give a hidden Markov model-based prediction model by utilizing the multi-step characteristic of DDoS with a federated learning framework to predict whether DDoS attacks will happen on base stations in the future. However, in the federated learning, we need to consider the problem of poisoning attacks due to malicious participants. The poisoning attacks will lead to the intelligent transportation systems paralysis without security protection. Traditional poisoning attacks mainly apply to the classification model with labeled data. In this paper, we propose a reinforcement learning-based poisoning method specifically for poisoning the prediction model with unlabeled data. Besides, previous related defense strategies rely on validation datasets with labeled data in the server. However, it is unrealistic since the local training datasets are not uploaded to the server due to privacy preserving, and our datasets are also unlabeled. Furthermore, we give a validation dataset-free defense strategy based on Dempster–Shafer (D–S) evidence theory avoiding anomaly aggregation to obtain a robust global model for precise DDoS prediction. In our experiments, we simulate 3000 points in combination with DARPA2000 dataset to carry out evaluations. The results indicate that our poisoning method can successfully poison the global prediction model with unlabeled data in a short time. Meanwhile, we compare our proposed defense algorithm with three popularly used defense algorithms. The results show that our defense method has a high accuracy rate of excluding poisoners and can obtain a high attack prediction probability.
Key words: Poisoning attacks / Defenses / Multi-step DDoS prediction / Unlabeled data / Intelligent transportation systems
Citation: Li Z, Wu X and Jiang CJ. Efficient poisoning attacks and defenses for unlabeled data in DDoS prediction of intelligent transportation systems. Security and Safety 2022; 1: 2022003. https://doi.org/10.1051/sands/2022003
© The Author(s) 2022. Published by EDP Sciences and China Science Publishing & Media Ltd.
This is an Open Access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.