2021
DOI: 10.1186/s13638-021-01957-9
|View full text |Cite
|
Sign up to set email alerts
|

A cooperative DDoS attack detection scheme based on entropy and ensemble learning in SDN

Abstract: In order to solve the problem of distributed denial of service (DDoS) attack detection in software-defined network, we proposed a cooperative DDoS attack detection scheme based on entropy and ensemble learning. This method sets up a coarse-grained preliminary detection module based on entropy in the edge switch to monitor the network status in real time and report to the controller if any abnormality is found. Simultaneously, a fine-grained precise attack detection module is designed in the controller, and a e… Show more

Help me understand this report
View preprint versions

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
9
0

Year Published

2022
2022
2024
2024

Publication Types

Select...
7
2

Relationship

0
9

Authors

Journals

citations
Cited by 28 publications
(9 citation statements)
references
References 28 publications
0
9
0
Order By: Relevance
“…An in-depth study about scalability in a real large-scale environment will be necessary. We do not believe that running part of the algorithm on the endpoints is a solution as proposed by Yu et al (2021). One possibility is to consider a distributed SDN controller architectures as indicated in Oktian et al (2017).…”
Section: Discussionmentioning
confidence: 99%
See 1 more Smart Citation
“…An in-depth study about scalability in a real large-scale environment will be necessary. We do not believe that running part of the algorithm on the endpoints is a solution as proposed by Yu et al (2021). One possibility is to consider a distributed SDN controller architectures as indicated in Oktian et al (2017).…”
Section: Discussionmentioning
confidence: 99%
“…One possibility is to consider a distributed SDN controller architectures as indicated in Oktian et al (2017). We can use distributed SDN controller architecture and use Commercial off-the-shelf (COTS) SDN switches and its standard functions, instead of Yu et al (2021) proposal to calculate the entropy on edge nodes to easy central controller. Besides the scalability, the distributed controller approach provides a fault-tolerant architecture Obadia et al (2014), which would be the optimal solution for large complex network infrastructures.…”
Section: Discussionmentioning
confidence: 99%
“…SAFETY uses an entropy-based detection mechanism to mitigate TCP SYN flooding attacks in SDN [ 8 ]. The ensemble learning techniques are introduced to cooperatively detect DoS attacks in SDN [ 9 ]. A generalized entropy (GE) is introduced to detect the low-rate DDoS attacks on the control plane [ 10 ].…”
Section: Related Workmentioning
confidence: 99%
“…The proposed entropy mechanism compares the entropy flow values of source and destination IP addresses that are detected by the SDN controller to predefined entropy threshold values that change adaptively based on network dynamics [8]. In this regard, some of the entropy-based DDoS attack detection solutions are located in various studies and explained in the following section [9][10][11][12][13][14][15][16].…”
Section: Introductionmentioning
confidence: 99%