Research Article

Machine Learning-based Approach for Detecting DDoS Attacks in Software Defined Networks

by Abeer Hakeem, Afraa Attiah
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 186 - Number 43
Year of Publication: 2024
DOI: 10.5120/ijca2024924031

Abeer Hakeem, Afraa Attiah. Machine Learning-based Approach for Detecting DDoS Attacks in Software Defined Networks. International Journal of Computer Applications. 186, 43 (Sep 2024), 1-9. DOI=10.5120/ijca2024924031

@article{ 10.5120/ijca2024924031,
author = { Abeer Hakeem and Afraa Attiah },
title = { Machine Learning-based Approach for Detecting DDoS Attacks in Software Defined Networks },
journal = { International Journal of Computer Applications },
issue_date = { Sep 2024 },
volume = { 186 },
number = { 43 },
month = { Sep },
year = { 2024 },
issn = { 0975-8887 },
pages = { 1-9 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume186/number43/machine-learning-based-approach-for-detecting-ddos-attacks-in-software-defined-networks/ },
doi = { 10.5120/ijca2024924031 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

Software-Defined Networking (SDN) provides enhanced manageability, control, and dynamic updating of network rules through the separation of the control and data planes. However, SDN architectures remain vulnerable to various network attacks, including Distributed Denial of Service (DDoS) attacks. To address this challenge, this paper proposes the DDoSDetect solution, which leverages the Logistic Regression machine learning algorithm to detect DDoS attacks in SDN environments. The DDoSDetect solution focuses on identifying flooding-based DDoS attacks, including TCP SYN, HTTP, UDP, and ICMP attacks, by analyzing SDN network traffic. The Logistic Regression classifier is trained to distinguish between normal and attack traffic based on four key features: number of packets, packet size, and source and destination MAC addresses. The performance of the DDoSDetect solution is evaluated and compared to other binary classification algorithms, such as Naive Bayes, Random Forest, K-Nearest Neighbor, and Support Vector Machine. The experimental results demonstrate that the DDoSDetect solution based on logistic regression outperforms the well-known alternative classifiers, achieving an accuracy improvement of 2.4%, an F1-score enhancement of 2.0%, and a precision increase of 11.68%.

Index Terms

Computer Science
Information Sciences

Keywords

DDoS, SDN, Logistic Regression, Naive Bayes, Random Forest and Support Vector Machine, Machine learning and Feature Selection