Ensemble Deep Learning Models for Mitigating DDoS Attack in Software-Defined Network

Alanazi, Fatmah; Jambi, Kamal; Eassa, Fathy; Khemakhem, Maher; Basuhail, Abdullah; Alsubhi, Khalid

doi:10.32604/iasc.2022.024668

Cited by 13 publications

(12 citation statements)

References 34 publications

(52 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Ref. [96] used CNN, gated recurrent unity (GRU), and long-short-term memory (LSTM) for classifying DDoS attacks. The proposed model was trained with the CICIDS 2017 dataset and achieved 99.77% detection accuracy in the case of a small number of features.…”

Section: Ensemble DL Approachesmentioning

confidence: 99%

A Systematic Literature Review on Machine Learning and Deep Learning Approaches for Detecting DDoS Attacks in Software-Defined Networking

Bahashwan

Anbar

Manickam

et al. 2023

Sensors

View full text Add to dashboard Cite

Software-defined networking (SDN) is a revolutionary innovation in network technology with many desirable features, including flexibility and manageability. Despite those advantages, SDN is vulnerable to distributed denial of service (DDoS), which constitutes a significant threat due to its impact on the SDN network. Despite many security approaches to detect DDoS attacks, it remains an open research challenge. Therefore, this study presents a systematic literature review (SLR) to systematically investigate and critically analyze the existing DDoS attack approaches based on machine learning (ML), deep learning (DL), or hybrid approaches published between 2014 and 2022. We followed a predefined SLR protocol in two stages on eight online databases to comprehensively cover relevant studies. The two stages involve automatic and manual searching, resulting in 70 studies being identified as definitive primary studies. The trend indicates that the number of studies on SDN DDoS attacks has increased dramatically in the last few years. The analysis showed that the existing detection approaches primarily utilize ensemble, hybrid, and single ML-DL. Private synthetic datasets, followed by unrealistic datasets, are the most frequently used to evaluate those approaches. In addition, the review argues that the limited literature studies demand additional focus on resolving the remaining challenges and open issues stated in this SLR.

show abstract

Section: Ensemble DL Approachesmentioning

confidence: 99%

A Systematic Literature Review on Machine Learning and Deep Learning Approaches for Detecting DDoS Attacks in Software-Defined Networking

Bahashwan

Anbar

Manickam

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…There are several DL-based approaches that have been proposed. For example, Alanazi et al [10] proposed an ensemble approach based on a combination of Gated Recurrent Unit (GRU), Convolutional Neural Network (CNN), and Long Short-Term Memory (LSTM) to detect DDoS attacks in SDN networks. The ensemble was evaluated using the CICIDS2020 dataset and achieved high detection accuracy by selecting only four features.…”

Section: Dl-based Approachesmentioning

confidence: 99%

“…As shown in Table 2, several approaches in the literature have achieved low detection accuracies, such as those of Santos et al [12], Sudar et al [8], Celesova et al [25], Hsieh et al [26], and Deepa et al [11]. Additionally, some of these approaches have been evaluated using non-SDN datasets, including Celesova et al [25], Sudar et al [8], Boukria et al [28], and Alanazi et al [10]. Moreover, most of the existing approaches are implemented on SDN controllers, which can increase overhead during DDoS attacks.…”

Section: Boukria Et Al [28]mentioning

confidence: 99%

“…Regrettably, the SDN controller lacks an integrated security defense system that can efficiently distinguish between normal and abnormal network traffic [6,7]. Furthermore, numerous researchers have proposed different approaches to detect DDoS attacks on SDN controllers [8][9][10][11][12]. However, despite the efficiency of these approaches, detecting DDoS attacks on SDN controllers remains a challenging problem.…”

Section: Introductionmentioning

confidence: 99%

“…For example, Wan et al [9] demonstrated that relying on non-qualified features resulted in the classifier's inability to differentiate between attack traffic and normal traffic for detecting DDoS attacks. Similarly, Iasc et al [10] showed that using non-realistic datasets does not accurately reflect the essential features of real SDN traffic and may lead to unfair performance comparisons with other state-of-the-art approaches.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Deep Learning-Based Approach for Detecting DDoS Attack on Software-Defined Networking Controller

Mansoor

Anbar

Bahashwan

et al. 2023

Systems

View full text Add to dashboard Cite

The rapid growth of cloud computing has led to the development of the Software-Defined Network (SDN), which is a network strategy that offers dynamic management and improved performance. However, security threats are a growing concern, particularly with the SDN controller becoming an attractive target for malicious actors and potential Distributed Denial of Service (DDoS) attacks. Many researchers have proposed different approaches to detecting DDoS attacks. However, those approaches suffer from high false positives, leading to low accuracy, and the main reason behind this is the use of non-qualified features and non-realistic datasets. Therefore, the deep learning (DL) algorithmic technique can be utilized to detect DDoS attacks on SDN controllers. Moreover, the proposed approach involves three stages, (1) data preprocessing, (2) cross-feature selection, which aims to identify important features for DDoS detection, and (3) detection using the Recurrent Neural Networks (RNNs) model. A benchmark dataset is employed to evaluate the proposed approach via standard evaluation metrics, including false positive rate and detection accuracy. The findings indicate that the recommended approach effectively detects DDoS attacks with average detection accuracy, average precision, average FPR, and average F1-measure of 94.186 %, 92.146%, 8.114%, and 94.276%, respectively.

show abstract

Deep learning for the security of software-defined networks: a review

Taheri,

Ahmed,

Arslan

2023

Cluster Comput

View full text Add to dashboard Cite

Ensemble Deep Learning Models for Mitigating DDoS Attack in Software-Defined Network

Cited by 13 publications

References 34 publications

A Systematic Literature Review on Machine Learning and Deep Learning Approaches for Detecting DDoS Attacks in Software-Defined Networking

A Systematic Literature Review on Machine Learning and Deep Learning Approaches for Detecting DDoS Attacks in Software-Defined Networking

Deep Learning-Based Approach for Detecting DDoS Attack on Software-Defined Networking Controller

Deep learning for the security of software-defined networks: a review

Contact Info

Product

Resources

About