A novel approach for accurate detection of the DDoS attacks in SDN-based SCADA systems based on deep recurrent neural networks

Polat, Hüseyin; Türkoğlu, Muammer; Polat, Onur; Şengür, Abdulkadir

doi:10.1016/j.eswa.2022.116748

Cited by 54 publications

(27 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Datasets Metrics Year BPNN [25] World Cup 1998 Dataset Precision / Recall / F1-score / Accuracy 2020 UADAIN [26] ISCX 2012 / NSL-KDD Accuracy / Detection rate / FAR 2022 OCSA-RNN [28] KDD99 Precision / Recall / F-Measure / Accuracy 2021 LSTM-GRU-SVM [29] SCADA Accuracy / Sensitivity / Specificity / Precision / F1-score Confusion matrix 2022…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

Traffic Anomaly Detection in Wireless Sensor Networks Based on Principal Component Analysis and Deep Convolution Neural Network

Yao¹,

Yang²,

Yin³

et al. 2022

IEEE Access

View full text Add to dashboard Cite

With the popularity of wireless networks, wireless sensor networks (WSNs) have advanced rapidly, and their flexibility and ease of deployment have resulted in more security concerns, making it critical to research network intrusion prevention for WSNs. Denial of service (DoS) is a common network attack, achieving its goal by bringing down the target network. A DoS attack on WSNs devices with limited resources would be fatal. This paper proposes a method based on principal component analysis (PCA) and a deep convolution neural network (DCNN) for DoS traffic anomaly detection in WSNs, based on the vulnerability of WSNs to attacks and the limited storage space of their devices. Compared with the conventional deep learning structure, the proposed model has a lightweight structure and more effective feature extraction capability, which can effectively detect network abnormal traffic in WSNs devices with limited storage capacity. To assure the effectiveness of the proposed model, receiver operating characteristic (ROC) curves, various classification metrics, and confusion matrices are used to verify the classification results of the model. Through experimental comparison, the proposed model, with small model size, outperforms other mainstream abnormal traffic detection models in terms of classification effect.

show abstract

Section: Methodsmentioning

confidence: 99%

“…This combination of feature selection and DL classification methods achieved good results. Hüseyin Polat et al [29] combined long short-term memory (LSTM) and gated recurrent units for DDoS feature extraction and classification. This combination of multiple DL algorithms has also been continuously investigated in recent years.…”

Section: Related Workmentioning

confidence: 99%

Traffic Anomaly Detection in Wireless Sensor Networks Based on Principal Component Analysis and Deep Convolution Neural Network

Yao¹,

Yang²,

Yin³

et al. 2022

IEEE Access

View full text Add to dashboard Cite

show abstract

“…P. Hüseyin et al [17] applied an IDS to identify DDoS in SDN networks. The main contribution of this research is to merge two DL approaches in parallel for traffic classification and SVM for feature extraction.…”

Section: E Related Work and Critical Reviewmentioning

confidence: 99%

Overhead Reduction Technique for Software-Defined Network Based Intrusion Detection Systems

2022

View full text Add to dashboard Cite

In Software-Defined Networks, the Intrusion Detection System is receiving growing attention, due to the expansion of the internet and cloud storage. This system is vital for institutions that use cloud services and have many users. Although the Intrusion Detection System offers several security features, its performance is lagging behind in large enterprise's networks. Existing approaches are based on centralised processing and use many features to implement a protection system. Therefore, system overload and poor performance occur at the controller and OpenFlow switches. As a result, the current solutions create issues that must be considered, especially when they are implemented on large networks. Furthermore, enhancements in security applications improve the reliability of networks. Following a literature review of the existing Intrusion Detection Systems, this paper presents a new model that offers decentralised processing and exchanges data over a trusted, independent channel, in order to solve issues relating to system overload and poor performance. Our model utilises an appropriate feature selection method to reduce the number of extracted features and minimise the data transmitted over the channels. Additionally, the Naive Bayes algorithm has been employed for flow classification purposes, since it is a fast classifier. We successfully implemented our framework, using the Mininet emulator, which provides a suitable networking environment. Evaluations indicates that our proposed system can detect various attacks with an accuracy of 98.46% and nominal decreasing rates of 1.5% in throughput and 0.7% in latency analyses, when the model is implemented in wide range networks.

show abstract

“…The security objectives in this situation are unauthorized access, data modification, access control, integrity, and availability [12][13]. Thus, an SDN architecture based on MAC is recommended to detect and prevent unauthorized access [14]. In MAC-based SDN architectures, controllers manage the flow of data packets based on the MAC addresses of devices connected to the network, making intrusion detection an important security concern [15].…”

Section: Introductionmentioning

confidence: 99%

Dual discriminator conditional sheep flock generative adversarial network-based intrusion detection system in MAC-based SDN framework

Nanavath

Bhattacharyya

2023

Preprint

View full text Add to dashboard Cite

Software-defined networking (SDN) technology enables and supports the 5G ecosystem, which is expected to handle a vast amount of sensitive data and provide connectivity to many users, making them more vulnerable to cyberattacks. Security measures, such as access control, encryption, authentication, and intrusion detection systems, must be implemented to protect network security against adversarial attacks. An intrusion detection system is a security technology designed to detect vulnerabilities in computer systems. Medium Access Control (MAC) addresses are required to identify and control access to specific devices on a network. Although there are various methods for intrusion detection, the most popular approaches have low accuracy. Therefore, a dual discriminator conditional sheep flock generative adversarial network-based intrusion detection system (IDS) in MAC-based SDN architecture is proposed to solve these issues and detect and prevent attacks. Initially, the 5G users authenticate with the help of the Four-Q-Curve algorithm. Next, the ideal switches are chosen to overcome the flow table overload using the univariate ensemble feature selection technique. Following this, a dual-discriminator conditional generative adversarial network (DC-GAN) is used to categorize selected features into normal, assault, and suspicious packets. The Sheep Flock Optimization Algorithm (SFOA) is used to optimize the DC-GAN. Then, the Growing Self-Organizing Map (GSOM) classifies the suspicious packets into normal and malicious packets. The experimental results show that the proposed method outperforms the existing methods in terms of accuracy, F1 score, sensitivity, and false alarm rate while ensuring low energy consumption and higher network throughput.

show abstract

A novel approach for accurate detection of the DDoS attacks in SDN-based SCADA systems based on deep recurrent neural networks

Cited by 54 publications

References 31 publications

Traffic Anomaly Detection in Wireless Sensor Networks Based on Principal Component Analysis and Deep Convolution Neural Network

Traffic Anomaly Detection in Wireless Sensor Networks Based on Principal Component Analysis and Deep Convolution Neural Network

Overhead Reduction Technique for Software-Defined Network Based Intrusion Detection Systems

Dual discriminator conditional sheep flock generative adversarial network-based intrusion detection system in MAC-based SDN framework

Contact Info

Product

Resources

About