Bungee-ML: A Cross-Plane Approach for a Collaborative Defense Against DDoS Attacks

Network services and applications are targeted by different types of attacks on a daily basis. One of the most common and devastating types is Distributed Denial of Service (DDoS) attacks. Considering the emergence of data plane programmability, in this paper, we propose Bungee-ML, an innovative, hybrid approach that combines the fast processing speed of the data plane and the high capacity and intelligence of the control plane to mitigate DDoS attacks. Bungee-ML continuously monitors traffic at the data plane to detect traffic anomalies and supplies machine learning models (running in the control plane) with inputs to perform in-depth traffic analysis. We refer to this as vertical cooperation. Additionally, our approach progressively pushes back malicious traffic farther away from the victim through horizontal mitigation coordination between forwarding devices. Our evaluation of a P4-built prototype demonstrates that Bungee-ML is highly accurate in identifying and mitigating sources of attack due to the vertical cooperation and has a low resource footprint. Furthermore, our pushback strategy saves network bandwidth by mitigating non-legitimate traffic closer to its sources. (AU)