Noe M. Yungaicela-Naula scite author profile

Distributed Denial of Service (DDoS) attacks represent the most common and critical attacks targeting conventional and new generation networks, such as the Internet of Things (IoT), cloud computing, and fifth-generation (5G) communication networks. In recent years, DDoS attacks have become not only massive but also sophisticated. Software-Defined Networking (SDN) technology has demonstrated effectiveness in counter-measuring complex attacks since it provides flexibility on global network monitoring and inline network configuration. Although several works have been proposed to detect DDoS attacks, in most of them the authors did not use up-to-date datasets that contain the newest threats. Furthermore, only a few previous works assessed their solutions using simulated scenarios, easing the migration to production networks. This document presents the implementation of a modular and flexible SDN-based architecture to detect transport and application layer DDoS attacks using multiple Machine Learning (ML) and Deep Learning (DL) models. Exploring diverse ML/DL methods allowed us to resolve which methods perform better under different attack types and conditions. We tested the ML/DL models using two up-to-date security datasets, and they showed accuracy above 99% on classifying unseen traffic (testing set). We also deployed a simulated environment using the network emulator Mininet and the Open Network Operating System (ONOS) SDN controller. In this experimental setup, we demonstrated high detection rates, above 98% for transport DDoS attacks and up to 95% for application-layer DDoS attacks.INDEX TERMS Software Defined Networking, deep learning, machine learning, DDoS attack, transport layer, application layer, slow-rate attacks.

show abstract

Comparative Study of Artificial Neural Network Based Channel Equalization Methods for mmWave Communications

Carrera

Vargas-Rosales

Yungaicela-Naula

et al. 2021

IEEE Access

View full text Add to dashboard Cite

In this paper, we compare two artificial neural networks (ANNs) approaches designed to perform channel equalization for millimeter-wave (mmWave) signals operating in the 28 GHz frequency band. We used an in-house deterministic Three-Dimensional Ray-Launching (3D-RL) code to simulate the spatial structure of mmWave channels considering the material properties of the obstacles within the scenario at the frequency under analysis. We performed offline training of a multilayer perceptron (MLP) neural network with the simulated mmWave channels to equalize the received signal. We also performed online training of an extreme learning machine (ELM) neural network to directly get the equalized symbols at the receiver, given as input the received mmWave signal. The ANN solutions were tested in terms of the achievable spectral efficiency, bit error rate, and time to process. We compared the ANN techniques to the minimum mean square error and the zero-forcing equalizers, considering an orthogonal frequencydivision multiplexing communication based on the 5G New Radio standard. We present numerical results on the performance of the proposed ANNs and show that the ELM strategy outperforms the MLP method, requiring significantly less processing time than the reviewed equalization methods.INDEX TERMS 5G and beyond, Channel equalization, ELM, Multilayer Perceptron, mmWave communications, OFDM.

show abstract

A flexible SDN-based framework for slow-rate DDoS attack mitigation by using deep reinforcement learning

Yungaicela-Naula

Vargas-Rosales²,

Díaz³

et al. 2022

Journal of Network and Computer Applications

View full text Add to dashboard Cite

UAV-Based Air Pollutant Source Localization Using Combined Metaheuristic and Probabilistic Methods

et al. 2019

View full text Add to dashboard Cite

Air pollution is one of the greatest risks for the health of people. In recent years, platforms based on Unmanned Aerial Vehicles (UAVs) for the monitoring of pollution in the air have been studied to deal with this problem, due to several advantages, such as low-costs, security, multitask and ease of deployment. However, due to the limitations in the flying time of the UAVs, these platforms could perform monitoring tasks poorly if the mission is not executed with an adequate strategy and algorithm. Their application can be improved if the UAVs have the ability to perform autonomous monitoring of the areas with a high concentration of the pollutant, or even to locate the pollutant source. This work proposes an algorithm to locate an air pollutant’s source by using a UAV. The algorithm has two components: (i) a metaheuristic technique is used to trace the increasing gradient of the pollutant concentration, and (ii) a probabilistic component complements the method by concentrating the search in the most promising areas in the targeted environment. The metaheuristic technique has been selected from a simulation-based comparative analysis between some classical techniques. The probabilistic component uses the Bayesian methodology to build and update a probability map of the pollutant source location, with each new sensor information available, while the UAV navigates in the environment. The proposed solution was tested experimentally with a real quadrotor navigating in a virtual polluted environment. The results show the effectiveness and robustness of the algorithm.

show abstract

Physical Assessment of an SDN-Based Security Framework for DDoS Attack Mitigation: Introducing the SDN-SlowRate-DDoS Dataset

et al. 2023

View full text Add to dashboard Cite

Slow-read Distributed Denial of Service (DDoS) attacks are complex to detect and mitigate.Although existing tools allow one to identify these attacks, these tools mainly generate alerts. However, in real scenarios, a large number of attack detection alerts will put the security workforce in a bottleneck, as they will not be able to implement mitigation actions in a complete and timely manner. Furthermore, since most existing security solutions for DDoS attack mitigation are tested using datasets and simulated scenarios, their applicability to production networks could be unfeasible or ineffective due to possibly incomplete assumptions in their design. Therefore, automated security solutions against DDoS attacks are needed not only to be designed but also to be implemented and evaluated in real scenarios. This study presents a Software-Defined Networking (SDN)-based security framework, which automates the monitoring, detection, and mitigation of slow-rate DDoS attacks. The framework is implemented in a physical network that uses equipment from the European Experimental Facility Smart Networks for Industry (SN4I). The results demonstrate that the framework effectively mitigates malicious connections, with a mitigation efficiency between 91.66% -100% for different conditions of the number of attackers and victims. In addition, the SDN-SlowRate-DDoS dataset is presented, which contains multiple experiments of slowrate DDoS attacks performed on the real testbed. The resources provided in this security dataset are useful to the scientific and industry communities in designing and testing realistic solutions for intrusion detection systems.INDEX TERMS Dataset, deep learning, slow-rate DDoS, software defined networking (SDN), intrusion detection system (IDS), intrusion prevention system (IPS). CARLOS MARTINEZ-CAGNAZZO received the B.Sc. degree in electrical engineering from Universidad de la Republica, Montevideo, Uruguay, in 1998. He has worked in the internet industry in different roles, including large network design and network security. He is currently the Chief Technical Officer with Latin American Network Address Registry. His research interests include internet measurements, inter-domain routing, BGP security, IPv6, and DNS. He has taught courses on computer networking and cybersecurity and partnered in different research projects trying to bridge the gap between academia and the industry.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.