Graph Neural Network-Based DDoS Protection for Data Center Infrastructure
Kartikeya Sharma, Craig Jacobik
TL;DR
This paper presents a GNN-based system using Graph U-Nets to detect and mitigate DDoS attacks in data center networks, achieving high accuracy and minimal operational disruption.
Contribution
The authors introduce a novel GNN model with Graph U-Nets architecture for effective DDoS detection tailored for data center environments.
Findings
F1 score over 95% on open-source datasets
Detection precision of 98.5% in complex cloud environments
Minimal integration effort into existing network workflows
Abstract
In light of rising cybersecurity threats, data center providers face growing pressure to protect their own management infrastructure from Distributed Denial-of-Service (DDoS) attacks. While tenant-managed cages generally fall outside the data center's direct security purview, a successful DDoS assault on core provider systems can indirectly disrupt network services. To address this availability assault, the authors developed a Graph Neural Network (GNN) based detection system which leverages Graph U-Nets to automatically classify and mitigate DDoS traffic. Although the model was developed using open-source network flows rather than proprietary data center logs, the model effectively identifies multi-layer DDoS attacks that resemble the malicious patterns threatening modern data centers. Adopting this system to data center environments requires minimal changes to existing operational…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSoftware-Defined Networks and 5G · Network Security and Intrusion Detection · Smart Grid Security and Resilience