A DDoS Detection Method Based on Feature Engineering and Machine Learning in Software-Defined Networks

Liu, Zhenpeng; Wang, Yihang; Feng, Feng; Liu, Yifan; Li, Zelin; Shan, Ying

doi:10.3390/s23136176

Cited by 17 publications

(6 citation statements)

References 49 publications

(68 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This approach has demonstrated reliability in detecting DDoS attacks, a fact exemplified in Figure 2. Liu et al [2] delved into the development of a DDoS detection method tailored for Software-Defined Networks (SDNs), employing machine learning algorithms. This method effectively discerns DDoS attacks in SDN systems by extracting pertinent data from network traffic and deploying machine learning models to differentiate between legitimate and malicious traffic.…”

Section: Literature Reviewmentioning

confidence: 99%

“…This approach potentially improves performance by mitigating the limitations of individual models and harnessing the diversity of multiple models. Conversely, deep learning models, utilizing neural networks with multiple layers, are adept at autonomously recognizing and extracting complex patterns and features from data streams, thereby effectively identifying intricate DDoS attacks [2].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Evaluating Machine Learning and Deep Learning Models for Enhanced DDoS Attack Detection

Owaid,

Hammoodi

2024

MMEP

View full text Add to dashboard Cite

In the realm of network security, distributed denial of service (DDoS) attacks pose a formidable threat, often resulting in operational disruptions and substantial financial losses. Traditional methods for DDoS detection struggle to adapt to the rapidly evolving attack methodologies, leading to compromised detection robustness and accuracy. The urgent need for more sophisticated detection mechanisms is evident. This investigation explores the effectiveness of advanced deep learning and ensemble machine learning models in identifying DDoS threats. A comprehensive approach is employed, leveraging a multitude of base classifiers to construct a robust and precise detection system. Integral to this study is the application of convolutional neural networks (CNNs), a deep learning variant, adept at discerning complex patterns and relationships within network traffic data. These models excel in autonomously extracting pertinent features, thereby enabling efficient detection of intricate DDoS attacks. A critical step in this methodology involves the collection of a comprehensive network traffic dataset, encompassing both normal and DDoS attack scenarios. This dataset undergoes a rigorous preprocessing and enhancement phase to ensure a balanced and representative training set. Subsequently, the augmented data is utilized to train the proposed models. The performance of these models is evaluated using a variety of metrics. Results from the experiments demonstrate that both machine learning and deep learning models significantly surpass existing techniques in DDoS detection. By amalgamating the strengths of various classifiers and neural networks, the method enhances detection precision and resistance to diverse attack variations. Comparative analyses reveal impressive performance metrics, with models such as CNN 1D and Alex Net achieving high levels of accuracy and precision. The outcomes of this study underscore the superiority of deep learning models in identifying both prevalent and novel DDoS attack patterns, thereby highlighting their potential in countering evolving cyber threats. The findings advocate for the enhanced precision and adaptability of the proposed approach in DDoS detection, marking a significant advancement in the field.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Evaluating Machine Learning and Deep Learning Models for Enhanced DDoS Attack Detection

Owaid,

Hammoodi

2024

MMEP

View full text Add to dashboard Cite

show abstract

“…This research provides a feature-engineering-and machine-learningbased technique for detecting DDoS assaults in SDN. First, the CSE-CIC-IDS2018 dataset was cleaned and normalized, and the best feature subset was identified using an enhanced binary grey wolf optimization approach [21]. This research proposes DL-2P-DDoSADF, a deep-learning-based two-phase DoS attack detection system.…”

Section: Deployment For Ddos Attack Detectionmentioning

confidence: 99%

“…Through the use of ensemble techniques, RF increases the accuracy of individual DTs, making it more dependable for DDoS assault detection. The necessity to train many trees makes RFs more computationally demanding than a single DT [21].…”

Section: Random Forestmentioning

confidence: 99%

Feature-Selection-Based DDoS Attack Detection Using AI Algorithms

Raza,

Sheikh,

Hwang

et al. 2024

Telecom

View full text Add to dashboard Cite

SDN has the ability to transform network design by providing increased versatility and effective regulation. Its programmable centralized controller gives network administration employees more authority, allowing for more seamless supervision. However, centralization makes it vulnerable to a variety of attack vectors, with distributed denial of service (DDoS) attacks posing a serious concern. Feature selection-based Machine Learning (ML) techniques are more effective than traditional signature-based Intrusion Detection Systems (IDS) at identifying new threats in the context of defending against distributed denial of service (DDoS) attacks. In this study, NGBoost is compared with four additional machine learning (ML) algorithms: convolutional neural network (CNN), Stochastic Gradient Descent (SGD), Decision Tree, and Random Forest, in order to assess the effectiveness of DDoS detection on the CICDDoS2019 dataset. It focuses on important measures such as F1 score, recall, accuracy, and precision. We have examined NeTBIOS, a layer-7 attack, and SYN, a layer-4 attack, in our paper. Our investigation shows that Natural Gradient Boosting and Convolutional Neural Networks, in particular, show promise with tabular data categorization. In conclusion, we go through specific study results on protecting against attacks using DDoS. These experimental findings offer a framework for making decisions.

show abstract

“…In the BOT-IOT dataset, NB achieved an accuracy of 100% for both binary and multiclass classification. Liu et al [15] also implemented RF, SVM, KNN, DT, and XGBoost, using the CSE-CIC-IDS2018 dataset, demonstrating that RF is the best classifier with an accuracy of 98.95%.…”

Section: Introductionmentioning

confidence: 99%

Improvement of Distributed Denial of Service Attack Detection through Machine Learning and Data Processing

Becerra-Suarez,

Fernández-Roman,

Forero

2024

Mathematics

View full text Add to dashboard Cite

The early and accurate detection of Distributed Denial of Service (DDoS) attacks is a fundamental area of research to safeguard the integrity and functionality of organizations’ digital ecosystems. Despite the growing importance of neural networks in recent years, the use of classical techniques remains relevant due to their interpretability, speed, resource efficiency, and satisfactory performance. This article presents the results of a comparative analysis of six machine learning techniques, namely, Random Forest (RF), Decision Tree (DT), AdaBoost (ADA), Extreme Gradient Boosting (XGB), Multilayer Perceptron (MLP), and Dense Neural Network (DNN), for classifying DDoS attacks. The CICDDoS2019 dataset was used, which underwent data preprocessing to remove outliers, and 22 features were selected using the Pearson correlation coefficient. The RF classifier achieved the best accuracy rate (99.97%), outperforming other classifiers and even previously published neural network-based techniques. These findings underscore the feasibility and effectiveness of machine learning algorithms in the field of DDoS attack detection, reaffirming their relevance as a valuable tool in advanced cyber defense.

show abstract

A DDoS Detection Method Based on Feature Engineering and Machine Learning in Software-Defined Networks

Cited by 17 publications

References 49 publications

Evaluating Machine Learning and Deep Learning Models for Enhanced DDoS Attack Detection

Evaluating Machine Learning and Deep Learning Models for Enhanced DDoS Attack Detection

Feature-Selection-Based DDoS Attack Detection Using AI Algorithms

Improvement of Distributed Denial of Service Attack Detection through Machine Learning and Data Processing

Contact Info

Product

Resources

About