/DDoS-testing-server

APIs are exposed to the public or internal network interfaces, thus they are vulnerable to various security threats. Hackers can attack such APIs to steal sensitive data or to disrupt the services provided by APIs to the intended users. Therefore, API-based attack detection is important to identify and prevent fraudulent access to APIs. Since Machine learning (ML) and Artificial Intelligence (AI) have shown great potential in detecting abnormal patterns, AI is a useful tool in detecting attacks to the APIs. However, using AI/ML requires accurate data to learn the fraudulence patterns and to validate the developed solutions, which is a major challenge faced by data scientists and researchers. To address this challenge, we proposed an approach that learns to detect attacks using the generated data by attacking the APIs. Therefore, the solution will consist of two models for 1) attack detection, 2) attack generation. Assume if we want to detect DDOS attacks, the attack simulation model will try to simulate the DDOS attack without being detected by the attack detection model. If the attack is undetected and leads to the unavailability of the API, we can assign a penalty to attack detection model, and reward to the attacking model. We can allow both models to compete with each other similar to adversarial learning to achieve highly accurate attack detection models. This blogs [1] explains how adversarial learning is used to prevent attacks to the image recognition models. The goal of this project is to deliver an attack simulation and detection tool by improving adversarial learning approaches to simulate and detect API-based attacks.

Primary LanguagePython

Stargazers