An Investigation into the Application of Deep Learning in the Detection and Mitigation of DDOS Attack on SDN Controllers

Gadze, James Dzisi; Bamfo-Asante, Akua Acheampomaa; Agyemang, Justice Owusu; Nunoo‐Mensah, Henry; Opare, Kwasi Adu-Boahen

doi:10.3390/technologies9010014

Cited by 66 publications

(54 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…SDN DDoS detection framework can be divided into two main modes. In the first mode, the smart DDOS detection algorithm, such as the deep learning algorithm [11,12], is deployed in the controller. However, the smart algorithm training process can significantly impact the controller and make the controller be the network bottleneck.…”

Section: Introductionmentioning

confidence: 99%

DDoS Detection Using a Cloud-Edge Collaboration Method Based on Entropy-Measuring SOM and KD-Tree in SDN

Yu²,

Hong

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

Software-defined networking (SDN) emerges as an innovative network paradigm, which separates the control plane from the data plane to improve the network programmability and flexibility. It is widely applied in the Internet of Things (IoT). However, SDN is vulnerable to DDoS attacks, which can cause network disasters. In order to protect SDN security, a DDoS detection method using cloud-edge collaboration based on Entropy-Measuring Self-organizing Maps and KD-tree (EMSOM-KD) is designed for SDN. Entropy measurement is utilized to select the ideal SOM map and classify SOM neurons considering the limitation of dead and suspicious neurons. EMSOM can detect most flows directly and filter out a few doubtable flows. Then these flows are fine-grained, identified by KD-tree. Due to the limited and precious resources of the controller, parameter computation is performed in the cloud. The edge controller implements DDoS detection by EMSOM-KD. The experiments are conducted to evaluate the performance of the proposed method. The results show that EMSOM-KD has better detection accuracy; moreover, it improves the KD-tree detection efficiency.

show abstract

Section: Introductionmentioning

confidence: 99%

DDoS Detection Using a Cloud-Edge Collaboration Method Based on Entropy-Measuring SOM and KD-Tree in SDN

Yu²,

Hong

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…Gadze et al [196] analyze the DL-based models' performance for identifying and mitigating DDoS attacks in SDN. The primary focus of their investigation is to detect UDP, TCP, and ICMP flood attacks.…”

Section: Supervised DL Based Ids In Sdnmentioning

confidence: 99%

“…[170]- [172], [226], [235] DL [190], [196] RL [181] Ensemble [239] UNSW-NB15: This dataset includes nine diverse categories of attacks and a wide category of regular activities in practical life. Training set contains 175,341 records, and 82,332 records present in the test set collected from various forms, attacks, and regular records [279].…”

Section: Analysisbasedmentioning

confidence: 99%

Intrusion Detection System in Software-Defined Networks Using Machine Learning and Deep Learning Techniques –A Comprehensive Survey

Rayhan¹,

Islam²,

Shatabda³

et al. 2022

Preprint

View full text Add to dashboard Cite

<div>At present, the Internet is facing numerous attacks of different kinds that put its data at risk. The safety of information within the network is, therefore, a significant concern. In order to prevent the loss of incredibly valuable information, the Intrusion Detection System (IDS) was developed to recognize the outbreak of a stream of attacks and notify the network system administrator providing network security. IDS is an extrapolative model used to detect network traffic as routine or attack. Software-Defined Networks (SDN) is a revolutionary paradigm that isolates the control plane from the data plane, transforming the concept of a software-driven network. Through this data and control plane separation, SDN provides us the opportunity to create a manageable and programmable network, allowing applications in the top plane to access physical devices via the controller. The controller functioning inside the control plane executes network modules and establishes flow rules to forward packets in the switches residing in the data plane. Cyber attackers target the SDN controller to subdue the control plane, which is considered the brain of the SDN, providing a plethora of functionalities such as regulating flow control to switches or routers in the data plane below via southbound Application Programming Interfaces (APIs) and business and application logic in the application plane above via northbound APIs to implement sophisticated networks. However, the control plane becomes a tempting prospect for security attacks from adversaries because of its centralization feature. This paper includes an in-depth overview of the notable published articles from 2015 to 2021 that used Machine Learning (ML) and Deep Learning (DL) techniques to construct an IDS solution to provide security for SDN. We also present two detailed taxonomic studies regarding IDS, and ML-DL techniques based on their learning categories, exploring various IDS solutions to secure the SDN paradigm. We have also conducted brief research on a few benchmark datasets used to construct IDS in the SDN paradigm. To conclude the survey, we provide a discussion that sheds light on continuous challenges and IDS issues for SDN security.</div>

show abstract

“…The experiment conducted by Gadze et al [10], they used RNN and LSTM in the software-defined networking (SDN) controller to identify and mitigate DDoS attacks. It was gathering certain network parameters when operating in a normal and also when subjected to DDoS attack.…”

Section: Literature Reviewmentioning

confidence: 99%

Detecting Distributed Denial of Service in Network Traffic with Deep Learning

Rusyaidi¹,

Jaf²,

Ibrahim³

2022

IJACSA

View full text Add to dashboard Cite

COVID-19 has altered the way businesses throughout the world perceive cyber security. It resulted in a series of unique cyber-crime-related conditions that impacted society and business. Distributed Denial of Service (DDoS) has dramatically increased in recent year. Automated detection of this type of attack is essential to protect business assets. In this research, we demonstrate the use of different deep learning algorithms to accurately detect DDoS attacks. We show the effectiveness of Long Short-Term Memory (LSTM) algorithms to detect DDoS attacks in computer networks with high accuracy. The LSTM algorithms have been trained and tested on the widely used NSL-KDD dataset. We empirically demonstrate our proposed model achieving high accuracy (~97.37%). We also show the effectiveness of our model in detecting 22 different types of attacks.

show abstract

An Investigation into the Application of Deep Learning in the Detection and Mitigation of DDOS Attack on SDN Controllers

Cited by 66 publications

References 20 publications

DDoS Detection Using a Cloud-Edge Collaboration Method Based on Entropy-Measuring SOM and KD-Tree in SDN

DDoS Detection Using a Cloud-Edge Collaboration Method Based on Entropy-Measuring SOM and KD-Tree in SDN

Intrusion Detection System in Software-Defined Networks Using Machine Learning and Deep Learning Techniques –A Comprehensive Survey

Detecting Distributed Denial of Service in Network Traffic with Deep Learning

Contact Info

Product

Resources

About