Detection of DDoS Attack in Software-Defined Networking Environment and Its Protocol-wise Analysis using Machine Learning
Keywords:
DDoS detection, TCP SYN attack, ICMP attack, UDP flood attack, Software-Defined Networking, Machine LearningAbstract
Distributed-denial-of-service (DDoS) attacks can cause a great menace to numerous organizations and their stakeholders. On a successful launch of such attacks, the intended users of the network become deprived of its services, which eventually causes a loss of time and money. Not just the traditional networks were victims of DDoS attacks, even the modern networks based on software-defined networking (SDN) technology are susceptible to them. The objective of this research work is to take into account a DDoS afflicted SDN specific dataset and detect the malicious traffic by using various machine learning algorithms namely., K-Nearest Neighbours, Logistic Regression, Multilayer Perceptron, Iterative Dichotomiser 3, and Stochastic Gradient Descent. Additionally, the categories of malicious traffic based on the protocol as ICMP attack, TCP SYN attack and UDP flood attack are analyzed and compared. The experiment results suggested that some algorithms were able to detect malicious traffic with accuracies up to 99.993%. The models used in this paper are further evaluated and validated with Area Under the Curve of Receiver Operator Characteristic (AUC-ROC) curves. Therefore, through the methodologies presented in this paper, the most suitable techniques for DDoS detection are suggested and thus contribute towards the DDoS mitigation in network management of SDN environments.
Downloads
References
Wankhede, S., & Kshirsagar, D. (2018). DoS Attack Detection Using Machine Learning and Neural Network. 2018 Fourth International Conference on Computing Communication Control and Automation (ICCUBEA).
Lee, K., Kim, J., Kwon, K. H., Han, Y., & Kim, S. (2008). DDoS attack detection method using cluster analysis. Expert Systems with Applications, 34(3), 1659–1665. doi:10.1016/j.eswa.2007.01.040
Tan Z, Jamdagni A, He X, Nanda P, Liu RP, Hu J (2014) Detection of denial-of-service attacks based on computer vision techniques. IEEE Trans Comput 64(9):2519–2533
Garg, D. K. . (2022). Understanding the Purpose of Object Detection, Models to Detect Objects, Application Use and Benefits. International Journal on Future Revolution in Computer Science &Amp; Communication Engineering, 8(2), 01–04. https://doi.org/10.17762/ijfrcsce.v8i2.2066
Saied A, Overill RE, Radzik T (2016) Detection of known and unknown DDoS attacks using artificial neural networks. Neurocomputing 172:385–393
Yan Q, Gong Q, Deng F-A (2016) Detection of DDoS attacks against wireless SDN controllers based on the fuzzy synthetic evaluation decision-making model. Adhoc Sens Wirel Netw 33
Patil, V. N., & Ingle, D. R. (2022). A Novel Approach for ABO Blood Group Prediction using Fingerprint through Optimized Convolutional Neural Network. International Journal of Intelligent Systems and Applications in Engineering, 10(1), 60–68. https://doi.org/10.18201/ijisae.2022.268
Cui Y, Yan L, Li S, Xing H, Pan W, Zhu J, Zheng X (2016) SD-Anti-DDoS: fast and efficient DDoS defense in software-defined networks. J Netw Comput Appl 68:65–79
Fallahi N, Sami A, Tajbakhsh M (2016) Automated fow-based rule generation for network intrusion detection systems. In: 24th Iranian Conference on Electrical Engineering (ICEE). IEEE, pp 1948–1953
Garg, D. K. . (2022). Understanding the Purpose of Object Detection, Models to Detect Objects, Application Use and Benefits. International Journal on Future Revolution in Computer Science &Amp; Communication Engineering, 8(2), 01–04. https://doi.org/10.17762/ijfrcsce.v8i2.2066
Wang M, Lu Y, Qin J (2020) A dynamic MLP-based DDoS attack detection method using feature selection and feedback. Comput Secur 88:101645
Liang X, Znati T (2019) On the performance of intelligent techniques for intensive and stealthy DDoS detection. Comput Netw 164:106906
Garg, D. K. . (2022). Understanding the Purpose of Object Detection, Models to Detect Objects, Application Use and Benefits. International Journal on Future Revolution in Computer Science &Amp; Communication Engineering, 8(2), 01–04. https://doi.org/10.17762/ijfrcsce.v8i2.2066
Criscuolo, P. J. (2000). Distributed denial of service Trin00, Tribe Flood Network, Tribe Flood Network 2000, and Stacheldraht CIAC-2319. Department of Energy Computer Incident Advisory (CIAC), UCRLID-136939, Rev. 1, Lawrence Livermore National Laboratory
Haghaghi A, Kaafar MA, Buyya R, Jha S (2020) Software-defined network (SDN) data plane security: issues, solutions, and future directions. In: Handbook of Computer Networks and Cyber Security. Springer, pp 341–387
RZhong and G. Yue, “DDOS detection system based on data mining,” in Proceedings of the 2nd International Symposium on Networking and Network Security, Jinggangshan, China, 2010, pp. 2–4
Garg, D. K. . (2022). Understanding the Purpose of Object Detection, Models to Detect Objects, Application Use and Benefits. International Journal on Future Revolution in Computer Science &Amp; Communication Engineering, 8(2), 01–04. https://doi.org/10.17762/ijfrcsce.v8i2.2066
YC. Wu, H.-R. Tseng, W. Yang, and R.-H. Jan, “DDOS detection and traceback with decision tree and grey relational analysis,” International Journal of Ad Hoc and Ubiquitous Computing, vol. 7, no. 2, pp. 121– 136, 2011
JH. Chen, M. Zhong, F.-J. Chen, and A.-D. Zhang, “DDOS defense system with turing test and neural network,” in IEEE International Conference on Granular Computing (GrC). IEEE, 2012, pp. 38–43.
H. Li and D. Liu, “Research on intelligent intrusion prevention system based on snort,” in International Conference on Computer, Mechatronics, Control and Electronic Engineering (CMCE), vol. 1. IEEE, 2010, pp. 251–253
Ahuja, Nisha; Singal, Gaurav; Mukhopadhyay, Debajyoti (2020), “DDOS attack SDN Dataset”, Mendeley Data, V1, doi: 10.17632/jxpfjc64kr.1.
Liu, Z., Hu, C., & Shan, C. (2021). Riemannian manifold on stream data: Fourier transform and entropy-based DDoS attacks detection method. Computers & Security, 109, 102392. https://doi.org/10.1016/J.COSE.2021.102392
Ahuja, Nisha; Singal, Gaurav; Mukhopadhyay, Debajyoti (2020), “DDOS attack SDN Dataset”, Mendeley Data, V1, doi: 10.17632/jxpfjc64kr.1
Garg, D. K. . (2022). Understanding the Purpose of Object Detection, Models to Detect Objects, Application Use and Benefits. International Journal on Future Revolution in Computer Science &Amp; Communication Engineering, 8(2), 01–04. https://doi.org/10.17762/ijfrcsce.v8i2.2066
C. Liu, Z., Hu, C., & Shan, C. (2021). Riemannian manifold on stream data: Fourier transform and entropy-based DDoS attacks detection method. Computers & Security, 109, 102392. https://doi.org/10.1016/J.COSE.2021.102392
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.
