iQUIC: An intelligent framework for defending QUIC connection ID-based DoS attack using advantage actor-critic RL

QUIC (Quick UDP Internet Connections) is a relatively recent transport layer protocol that Google deployed and implemented for the first time in 2012. The key aspect of this protocol is that it is faster than TCP, more secure than UDP, and more efficient regarding resource usage. It has been adopted by some Internet-based applications, viz., YouTube, Gmail, etc. Recent advancements in 5G/6G communication technology have enabled the integration of QUIC with many real-time applications. One of the drawbacks in the design of the QUIC protocol is its vulnerability against attacks related to connection ID, and a recent attack of this type is the retire connection ID stuffing attack. This attack leads to a denial of service (DoS) condition, thus hindering network operations and services. Few preventive solutions have been proposed, but they focus on closing the connection after detecting an attack scenario, which results in service disruption. In this paper, we attempted to render flexibility to this rigid security defense mechanism situation by proposing iQUIC, an intelligent framework to configure a network condition monitoring QUIC server. The framework inputs the network data to a local Advantage Actor-Critic (A2C) Reinforcement Learning (RL) engine to support decision-making regarding accepting/rejecting a request from a client or issuing a warning signal to it. The framework also enables the server to stochastically suspend connections with the client(s) following in epsilon-greedy approach after a predefined observation window. To replicate a real-world QUIC-enabled network, we devised a small QUIC network consisting of two clients and a server and generated substantial QUIC traffic by implementing a U-Net-based GAN (Generative Adversarial Network) model from scratch. A simulation-based performance evaluation demonstrates that the QUIC server powered by the actor-critic RL learns to make optimal decisions with time.