Detecting Distributed Denial of Service Attacks in Software-Defined Networks with a Deep Learning Approach
Subject Areas : AI and RoboticsYounes Mehdizadeh 1 * , Mehdi Sadeghzadeh 2
1 -
2 - Associate Professor, Computer Department, Faculty of Computer Science, Islamic Azad University, Science and Research Unit, Tehran, Iran
Keywords: Software defined networks, distributed denial of service attacks, cloud computing, deep learning, neural networks,
Abstract :
The growth of cloud computing has led to the development of software-defined networks. These networks enable dynamic management and performance improvement. Security threats in this type of network are a growing concern. Especially, the controller of these networks is an attractive target for hackers and distributed denial of service attacks. Many researchers have proposed different methods to detect these attacks, whose false detection rate is very high and has led to a decrease in detection accuracy. For this purpose, in this research, the focus is on detecting distributed denial of service attacks through deep learning using prominent features of packets. After pre-processing and preparing the data, the proposed method separates the salient and important features of the packages through the support vector machine method and finally by using an innovative hybrid neural network consisting of convolutional neural network, sample recurrent neural network and Long-term short-term memory neural network separates attack packets from normal packets. A standard data set has been used to evaluate the proposed method through standard evaluation criteria such as detection accuracy, precision, false detection rate and harmonic mean accuracy. The findings show that the proposed method detects distributed denial of service attacks with 95.2% detection accuracy, 92.09% precision, 5.1% false alarm rate, and 93.87% F1_measure.
[1] Muhammad, Tayyab. "Revolutionizing Network Control: Exploring the Landscape of Software-Defined Networking (SDN)." International Journal of Computer Science and Technology 3.1 pp 36-68, (2019).
[2] D. Kreutz et al., "Software-defined networking: A comprehensive survey," Proceedings of the IEEE, vol. 103, no. 1, pp. 14-76, 2015.
[3] S. Mousavi et al., "Early detection of DDoS attacks against SDN controllers," in Proceedings of the 2015 International Conference on Computing, Networking and Communications (ICNC), pp. 77-81.
[4] M. A. Aladaileh et al., "Renyi Joint Entropy-Based Dynamic Threshold Approach to Detect DDoS Attacks against SDN Controller with Various Traffic Rates," Appl. Sci., vol. 12, no. 12, p. 6127, 2022.
[5] K. M. Sudar et al., "Detection of Distributed Denial of Service Attacks in SDN using Machine learning techniques," in Proceedings of the 2021 International Conference on Computer Communication and Informatics (ICCCI), pp. 1-5.
[6] L. Wan, Q. Wang, and S. Zheng, "Deep SSAE-BiLSTM Model for DDoS Detection In SDN," in Proceedings of the 2nd International Conference on Computer Communication and Network Security (CCNS), pp. 1-4, 2021
[7] F. Alanazi et al., "Ensemble Deep Learning Models for Mitigating DDoS Attack in Software-Defined Network," Intell. Autom. Soft Comput, vol. 33, pp. 923–938, 2022.
[8] V. Deepa et al., "Detection of DDoS attack on SDN control plane using hybrid machine learning techniques," in Proceedings of the 2018 International Conference on Smart Systems and Inventive Technology (ICSSIT), pp. 299–303.
[9] R. Santos et al., "Machine learning algorithms to detect DDoS attacks in SDN," Concurr. Comput. Pract. Exp., vol. 32, p. e5402, 2020.
[10] A. Mansoor et al., "Deep Learning-Based Approach for Detecting DDoS Attack on Software-Defined Networking Controller," Systems, vol. 11, no. 6, p. 296, 2023.
[11] J. Karhunen, T. Raiko, and K. Cho, "Unsupervised deep learning: A short review," in Advances in Independent Component Analysis and Learning Machines, E. Bingham et al., Eds. Academic Press, 2015, pp. 125–142.
[12] A. K. Singh and S. Srivastava, "A survey and classification of controller placement problem in SDN," International Journal of Network Management, vol. 28, no. 3, p. e2018, 2018.
[13] K. Sood and Y. Xiang, "The controller placement problem or the controller selection problem?," Journal of Communications and Information Networks, vol. 2, no. 3, pp. 1-9, 2017.
[14] B. A. A. Nunes et al., "A survey of software-defined networking: Past, present, and future of programmable networks," IEEE Communications surveys & tutorials, vol. 16, no. 3, pp. 1617-1634, 2014.
[15] W. Xia et al., "A survey on software-defined networking," IEEE Communications Surveys & Tutorials, vol. 17, no. 1, pp. 27-51, 2014.
[16] Open Networking Foundation. [Online]. Available:https://www.opennetworking.org/about.
[17] Y. Jarraya, T. Madi, and M. Debbabi, "A survey and a layered taxonomy of software-defined networking," IEEE Communications surveys & tutorials, vol. 16, no. 4, pp. 1955-1980, 2014.
[18] S. Sezer et al., "Are we ready for SDN? Implementation challenges for software-defined networks," IEEE Communications Magazine, vol. 51, no. 7, pp. 36-43, 2013.
[19] R. Trestian, K. Katrinis, and G. M. Muntean, "OFLoad: An OpenFlow-based dynamic load balancing strategy for datacenter networks," IEEE Transactions on Network and Service Management, vol. 14, no. 4, pp. 792-803, 2017.
[20] H. Wang, Y. Wang, and Y. J. Yan, "A distributed network traffic monitoring platform based on SDN," Electric Power Information and Communication Technology, vol. 14, no. 10, pp. 22-27, 2016
[21] J. Schmidhuber, "Deep learning in neural networks: An overview," Neural Netw., vol. 61, pp. 85–117, 2015.
[22] O. E. Elejla et al., "Deep-Learning-Based Approach to Detect ICMPv6 Flooding DDoS Attacks on IPv6 Networks," Appl. Sci., vol. 12, no. 12, p. 6150, 2022.
[23] Y. LeCun and Y. Bengio, "Convolutional networks for images, speech, and time series," Handb. Brain Theory Neural Netw., vol. 3361, 1995.
[24] X. Pan et al., "Recent methodology progress of deep learning for RNA–protein interaction prediction," Wiley Interdiscip. Rev. RNA, vol. 10, p. e1544, 2019.
[25] A. Dongare et al., "Introduction to artificial neural network," Int. J. Eng. Innov. Technol. (IJEIT), vol. 2, pp. 189–194, 2012.
[26] J. Karhunen et al., "Unsupervised deep learning: A short review," in Advances in Independent Component Analysis and Learning Machines, E. Bingham et al., Eds. Academic Press, 2015, pp. 125–142.
[27] C. Cortes and V. Vapnik, "Support-vector networks," Mach. Learn., vol. 20, no. 3, pp. 273–297, 1995.
[28] F. Tang et al., "Group feature selection with multiclass support vector machine," Neurocomputing, vol. 317, pp. 42–49, 2018.
[29] J. Weston and C. Watkins, "Support vector machines for multi-class pattern recognition," in Proceedings of the 7th European Symposium On Artificial Neural Networks, 1999, pp. 219–224.
[30] Y. Guo, Z. Zhang, and F. Tang, "Feature selection with kernelized multi-class support vector machine," Pattern Recognition, vol. 117, p. 107988, 2021.
[31] A. Akhunzada et al., "Securing software defined networks: Taxonomy, requirements, and open issues," IEEE Commun. Mag., vol. 53, pp. 36–44, 2015.
[32] A. Pradhan and R. Mathew, "Solutions to Vulnerabilities and Threats in Software Defined Networking (SDN)," Procedia Comput. Sci., vol. 171, pp. 2581–258, 2020.
[33] Khashab, F.; Moubarak, J.; Feghali, A.; Bassil, C. DDoS attack detection and mitigation in SDN using machine learning. In Proceedings of the 2021 IEEE 7th International Conference on Network Softwarization (NetSoft), Tokyo, Japan, 28 June–2 July 2021; pp. 395–401
[34] K. M. Sudar et al., "Detection of Distributed Denial of Service Attacks in SDN using Machine learning techniques," in Proceedings of the 2021 International Conference on Computer Communication and Informatics (ICCCI), pp. 1–5.
[35] R. Santos et al., "Machine learning algorithms to detect DDoS attacks in SDN," Concurr.Comput. Pract. Exp., vol. 32, p. e5402, 2020.
[36] B. Celesova et al., "Enhancing security of SDN focusing on control plane and data plane," in Proceedings of the 2019 7th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6.
[37] V. Deepa et al., "Detection of DDoS attack on SDN control plane using hybrid machine learning techniques," in Proceedings of the 2018 International Conference on Smart Systems and Inventive Technology (ICSSIT), pp. 299–303.
[38] F. Alanazi et al., "Ensemble Deep Learning Models for Mitigating DDoS Attack in Software-Defined Network," Intell. Autom. Soft Comput, vol. 33, pp. 923–938, 2022.
[39] C. Hsieh et al., "Efficient Detection of Link-Flooding Attacks with Deep Learning," Sustainability, vol. 13, p. 12514, 2021.
[40] L. Wan, Q. Wang, and S. Zheng, "Deep SSAE-BiLSTM Model for DDoS Detection In SDN," in Proceedings of the 2nd International Conference on Computer Communication and Network Security (CCNS), pp. 1–4, 2021
[41] T. H. Lee, L. H. Chang, and C. W. Syu, "Deep learning enabled intrusion detection and prevention system over SDN networks," in Proceedings of the 2020 IEEE International Conference on Communications Workshops (ICC Workshops), pp. 1–6.
[42] S. Boukria and M. Guerroumi, "Intrusion detection system for SDN network using deep learning approach," in Proceedings of the 2019 International Conference on Theoretical and Applicative Aspects of Computer Science (ICTAACS), Volume 1, pp. 1–6.
[43] M. Iqbal and M. Rizwan, "Application of 80/20 rule in software engineering Waterfall Model," in Proceedings of the 2009 International Conference on Information and Communication Technologies, pp. 223–228.
[44] https://www.kaggle.com/datasets/chiragchiku25/ddos-sdn-dataset