Distributed Denial of Service (DDoS) attacks have emerged as a major threat to cyberspace. A DDoS attack aims at exhausting the resources of the victim, causing it financial and reputational damage. The availability of free software makes launching DDoS attacks easy. The difficulty of differentiating DDoS traffic from a legitimate traffic burst such as a flash crowd makes DDoS attacks difficult to identify. A wide range of techniques have been used in conventional networks to detect and mitigate DDoS attacks. Though the advent of Software Defined Networking (SDN) makes a network easy to manage, even SDN is vulnerable to DDoS attacks. In this case, the controller of the SDN gets overloaded with the incoming packets from the switches. A solution based on security analytics can be put in place to ward off this threat as a proactive security measure, using the flow-level statistics available from the SDN. Compared to the packet analysis used in traditional networks, which is resource-expensive, flow-level statistics are relatively inexpensive. This paper focuses on the design and implementation of an attack detection system for detecting flooding DDoS attacks (TCP SYN flooding, HTTP request flooding, UDP flooding and ICMP flooding) over SDN network traffic. The system uses various classification algorithms to classify traffic as normal or attack. The feature sets for classification were arrived at using a feature selection module based on the ANOVA (Analysis of Variance) F-test statistical method. Each classifier was evaluated on the three feature sets obtained from the feature selection module using various performance measures, and the results have been tabulated. The feature set which gives the best performance in detecting malicious traffic has been identified.
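The ANOVA F-test ranking that the abstract above names for feature selection, sketched as an added example (not code from the paper): each flow-level feature is scored by between-class variance over within-class variance, and the top-k scores form a feature set. The feature names and flow values are constructed assumptions; the paper's actual features are not listed on this page.

```python
# Constructed per-flow statistics (not from the paper).
# Columns: packets per second, mean bytes per packet, flow duration in seconds.
FEATURES = ["packets_per_s", "mean_bytes_per_packet", "duration_s"]
NORMAL = [(12, 540, 8.0), (9, 610, 9.5), (15, 480, 7.0), (11, 575, 10.0)]
ATTACK = [(950, 60, 9.0), (1200, 64, 7.5), (870, 58, 8.5), (1100, 62, 10.5)]


def anova_f(groups):
    """One-way ANOVA F statistic for one feature.

    groups: one list of values per traffic class (normal, attack, ...).
    """
    n = sum(len(g) for g in groups)
    k = len(groups)
    grand_mean = sum(sum(g) for g in groups) / n
    means = [sum(g) / len(g) for g in groups]
    ss_between = sum(len(g) * (m - grand_mean) ** 2 for g, m in zip(groups, means))
    ss_within = sum((x - m) ** 2 for g, m in zip(groups, means) for x in g)
    if ss_within == 0:
        # Classes are perfectly constant: separable if the means differ at all.
        return float("inf") if ss_between > 0 else 0.0
    return (ss_between / (k - 1)) / (ss_within / (n - k))


def rank_features(classes, names):
    """Return (feature name, F score) pairs, most discriminative first."""
    scores = []
    for i, name in enumerate(names):
        groups = [[row[i] for row in rows] for rows in classes]
        scores.append((name, anova_f(groups)))
    return sorted(scores, key=lambda s: s[1], reverse=True)


def select_top(classes, names, k):
    """Feature set made of the k highest-scoring features."""
    return [name for name, _ in rank_features(classes, names)[:k]]


if __name__ == "__main__":
    for name, score in rank_features([NORMAL, ATTACK], FEATURES):
        print(f"{name:24s} F = {score:.3f}")
    print("top-2 feature set:", select_top([NORMAL, ATTACK], FEATURES, 2))
```

In this constructed sample, flow duration scores far below the other two features because it barely differs between the classes, so it is the first feature a smaller feature set drops.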
Software Defined Networking (SDN) is a promising networking solution which mitigates the limitations of traditional networks. The presence of a logically centralized controller enables a global view of the network in SDN. The provision for configuration and management of networking devices with high-level programming languages helps in adding proactive attack detection and mitigation strategies. However, SDN is prone to several evolving network attacks. Malicious traffic from botnets disrupts network services and causes financial and reputational damage to individuals as well as enterprises. Intrusion detection systems aim to safeguard the network from vulnerabilities by detecting them instantaneously. Machine learning based intrusion detection systems are used in traditional networks and are found to be very effective. This paper aims to build an Intrusion Detection System for Software Defined Networks leveraging machine learning and deep learning techniques. In order to build a model with reduced space and time complexity, feature selection and dimensionality reduction techniques were used. Feature selection using Grey Wolf Optimizer and dimensionality reduction with Autoencoder (GWO-AE) are incorporated in the study. The work is evaluated on the latest public SDN dataset, InSDN. Multiclass classification using a Random Forest classifier with the reduced feature space obtained from GWO-AE gave a weighted F1 score of 98.95%.