Towards a Distributed Learning Architecture for Securing ISP Home Customers
Ref: CISTER-TR-210501 Publication Date: 25, Jun, 2021
Towards a Distributed Learning Architecture for Securing ISP Home CustomersRef: CISTER-TR-210501 Publication Date: 25, Jun, 2021
Networking equipment that connects households to an operator network, such as home gateways and routers, are major victims of cyber-attacks, being exposed to a number of threats, from misappropriation of user accounts by malicious agents to access to personal information and data, threatening users' privacy and security. The exposure surface to threats is even wider when the growing ecosystem of Internet-of-Things devices is considered. Thus, it is beneficial for the operator and customer that a security service is provided to protect this ecosystem. The service should be tailored to the particular needs and Internet usage profile of the customer network. For this purpose, Machine Learning methods can be explored to learn typical behaviours and identify anomalies. In this paper, we present preliminary insights into the architecture and mechanisms of a security service offered by an Internet Service Provider. We focus on Distributed Denial-of-Service kind of attacks and define the system requirements. Finally, we analyse the trade-offs of distributing the service between operator equipment deployed at the customer premises and cloud-hosted servers.