A multi-criteria-based DDoS-attack prevention solution using software defined networking

Trung, Phan Van; Hương, Trương Thu; Tuyen, Dang Van; Đức, Dương Minh; Thanh, Nguyen Huu; Marshall, Alan

doi:10.1109/atc.2015.7388340

Cited by 34 publications

(11 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In order to improve the scalability of native OpenFlow, a new method combining OpenFlow and sFlow has been proposed in [16] for an effective and scalable anomaly detection and mitigation mechanism in an SDN environment. Trung et al [17] combine hard thresholds of detection and fuzzy inference system (FIS) to detect risk of DDoS attacks based on the real traffic characteristic under normal and attack states. Three features are chosen for detecting the attack: Distribution of Interarrival Time, Distribution of packet quantity per flow and Flow quantity to a server.…”

Section: Previous Workmentioning

confidence: 99%

Deep learning approach for Network Intrusion Detection in Software Defined Networking

Tang

Mhamdi

McLernon

et al. 2016

2016 International Conference on Wireless Networks and Mobile Communications (WINCOM)

629

316

View full text Add to dashboard Cite

Abstract-Software Defined Networking (SDN) has recently emerged to become one of the promising solutions for the future Internet. With the logical centralization of controllers and a global network overview, SDN brings us a chance to strengthen our network security. However, SDN also brings us a dangerous increase in potential threats. In this paper, we apply a deep learning approach for flow-based anomaly detection in an SDN environment. We build a Deep Neural Network (DNN) model for an intrusion detection system and train the model with the NSL-KDD Dataset. In this work, we just use six basic features (that can be easily obtained in an SDN environment) taken from the fortyone features of NSL-KDD Dataset. Through experiments, we confirm that the deep learning approach shows strong potential to be used for flow-based anomaly detection in SDN environments.

show abstract

Section: Previous Workmentioning

confidence: 99%

Deep learning approach for Network Intrusion Detection in Software Defined Networking

Tang

Mhamdi

McLernon

et al. 2016

2016 International Conference on Wireless Networks and Mobile Communications (WINCOM)

629

316

View full text Add to dashboard Cite

show abstract

“…The entropy will drop dramatically when any attack happens. Trung et al [23] combined hard thresholds of detection and a fuzzy inference system to detect the risk of DDoS attacks based on the real traffic characteristics (Distribution of Inter-arrival Time, Distribution of packet quantity per flow and Flow quantity to a server) under normal and attack states.…”

Section: Related Workmentioning

confidence: 99%

DeepIDS: Deep Learning Approach for Intrusion Detection in Software Defined Networking

et al. 2020

View full text Add to dashboard Cite

Software Defined Networking (SDN) is developing as a new solution for the development and innovation of the Internet. SDN is expected to be the ideal future for the Internet, since it can provide a controllable, dynamic, and cost-effective network. The emergence of SDN provides a unique opportunity to achieve network security in a more efficient and flexible manner. However, SDN also has original structural vulnerabilities, which are the centralized controller, the control-data interface and the control-application interface. These vulnerabilities can be exploited by intruders to conduct several types of attacks. In this paper, we propose a deep learning (DL) approach for a network intrusion detection system (DeepIDS) in the SDN architecture. Our models are trained and tested with the NSL-KDD dataset and achieved an accuracy of 80.7% and 90% for a Fully Connected Deep Neural Network (DNN) and a Gated Recurrent Neural Network (GRU-RNN), respectively. Through experiments, we confirm that the DL approach has the potential for flow-based anomaly detection in the SDN environment. We also evaluate the performance of our system in terms of throughput, latency, and resource utilization. Our test results show that DeepIDS does not affect the performance of the OpenFlow controller and so is a feasible approach.

show abstract

“…An anomaly-based scheme can be found in [11] that uses Fuzzy Interference System to detect anomalies based on traffic pattern. This solution can detect if an attack happens no matter what type of attack is it.…”

Section: Related Workmentioning

confidence: 99%

A data-driven approach for Network Intrusion Detection and Monitoring based on Kernel Null Space

Hương¹,

Bac²,

Nguyen³

et al. 2019

EAI Endorsed Transactions on Industrial Networks and Intelligen

View full text Add to dashboard Cite

In this study, we propose a new approach to determine intrusions of network in real-time based on statistical process control technique and kernel null space method. The training samples in a class are mapped to a single point using the Kernel Null Foley-Sammon Transform. The Novelty Score are computed from testing samples in order to determine the threshold for the real-time detection of anomaly. The efficiency of the proposed method is illustrated over the KDD99 data set. The experimental results show that our new method outperforms the OCSVM and the original Kernel Null Space method by 1.53% and 3.86% respectively in terms of accuracy.

show abstract

A multi-criteria-based DDoS-attack prevention solution using software defined networking

Cited by 34 publications

References 9 publications

Deep learning approach for Network Intrusion Detection in Software Defined Networking

Deep learning approach for Network Intrusion Detection in Software Defined Networking

DeepIDS: Deep Learning Approach for Intrusion Detection in Software Defined Networking

A data-driven approach for Network Intrusion Detection and Monitoring based on Kernel Null Space

Contact Info

Product

Resources

About