A denial of service (DoS) attack is one of the dangerous threats to networks: it makes Internet resources and services less available, and such attacks are easy to carry out and difficult to detect. As a result, identifying these intrusions is a hot issue in cybersecurity. Intrusion detection systems that use classic machine learning algorithms have a long testing period and high computational complexity. It is therefore critical to develop or improve techniques that detect such an attack as quickly as possible in order to reduce its impact. To that end, we evaluate the effectiveness of rapid machine learning methods, in terms of model generation and testing, for identifying denial of service attacks in communication networks. The CICIDS2017 dataset is used in the WEKA tool to train and test multiple machine learning algorithms. The wide learning system and its expansions, the REP tree (REPT), random tree (RT), random forest (RF), decision stump (DS), and J48 were all evaluated. Experiments show that J48 takes less testing time and performs better when it is run with 4 to 8 features. Accuracies of 99.51% and 99.96% were achieved using 4 and 8 features, respectively.
Software defined networking (SDN) is a new network architecture that allows for centralized network control. The key breakthrough underpinning SDN is the separation of the data plane from the control plane, which establishes a programmable network environment. At the control plane, the controller facilitates the deployment of services that specify control policies and delivers these rules to the data plane using a common protocol such as OpenFlow. Despite the many advantages of this design, SDN security remains a worry because the design expands the network's attack surface. In fact, denial of service (DoS) attacks pose a significant threat to SDN environments in a variety of ways, owing to flaws in the data and control layers. This work shows how distributed denial of service (DDoS) attacks can be detected based on the entropy variation of the destination IP address. The study takes advantage of the flexibility of the OpenFlow protocol (OFP) and an OpenFlow controller (POX) to apply the proposed method. An entropy computation that captures the distributed features of DDoS traffic is developed, and it is capable of detecting a user datagram protocol (UDP) flood attack 0.445 seconds after this type of attack occurred.
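The destination-IP entropy check described above can be sketched as follows. This is an added example, not code from the paper or from POX; the window size, the normalization, the threshold, the consecutive-window rule, and the sample addresses are all assumptions constructed for illustration.

```python
import math
from collections import Counter

WINDOW = 50       # packets per window (assumed, not from the paper)
THRESHOLD = 0.5   # normalized-entropy floor (assumed)
CONSECUTIVE = 2   # low-entropy windows required before alerting (assumed)


def dst_entropy(dst_ips):
    """Shannon entropy of the destination-IP distribution in one window,
    normalized to [0, 1] by the maximum possible value log2(len(window))."""
    n = len(dst_ips)
    if n <= 1:
        return 0.0
    counts = Counter(dst_ips)
    h = -sum((c / n) * math.log2(c / n) for c in counts.values())
    return h / math.log2(n)


def detect(dst_stream, window=WINDOW, threshold=THRESHOLD,
           consecutive=CONSECUTIVE):
    """Slide over the stream in fixed windows. Traffic converging on one
    victim collapses the destination entropy; alert once it stays below
    the threshold for `consecutive` windows in a row."""
    results, low = [], 0
    for start in range(0, len(dst_stream) - window + 1, window):
        h = dst_entropy(dst_stream[start:start + window])
        low = low + 1 if h < threshold else 0
        results.append((start // window, round(h, 3), low >= consecutive))
    return results


def sample_traffic():
    """Constructed destination addresses: 100 packets spread evenly over
    50 hosts, then 100 packets of which 90% target 10.0.0.7."""
    normal = [f"10.0.0.{k % 50 + 1}" for k in range(100)]
    flood = ["10.0.0.7" if k % 10 else f"10.0.0.{k % 50 + 1}"
             for k in range(100)]
    return normal + flood


if __name__ == "__main__":
    for idx, h, alert in detect(sample_traffic()):
        print(f"window {idx}: entropy={h:.3f} alert={alert}")
```

In a controller, the destination list would be fed from the packets the switch forwards to it for unmatched flows, and the threshold would be tuned against a baseline of normal traffic.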