Visible to the public Towards a secure Software Defined Network with Adaptive Mitigation of DDoS attacks by Machine Learning Approaches

TitleTowards a secure Software Defined Network with Adaptive Mitigation of DDoS attacks by Machine Learning Approaches
Publication TypeConference Paper
Year of Publication2022
AuthorsFenil, E., Kumar, P. Mohan
Conference Name2022 International Conference on Advances in Computing, Communication and Applied Informatics (ACCAI)
KeywordsAttack modelling, composability, DDoS attack mitigation, DDoS Attacks, denial-of-service attack, Dictionaries, Human Behavior, Intrusion Detection Systems, machine learning, machine learning algorithms, Matching pursuit algorithms, mathematical models, Metrics, pubcrawl, resilience, Resiliency, Software algorithms, software defined networking, telecommunication traffic
AbstractDDoS attacks produce a lot of traffic on the network. DDoS attacks may be fought in a novel method thanks to the rise of Software Defined Networking (SDN). DDoS detection and data gathering may lead to larger system load utilization among SDN as well as systems, much expense of SDN, slow reaction period to DDoS if they are conducted at regular intervals. Using the Identification Retrieval algorithm, we offer a new DDoS detection framework for detecting resource scarcity type DDoS attacks. In designed to check low-density DDoS attacks, we employ a combination of network traffic characteristics. The KSVD technique is used to generate a dictionary of network traffic parameters. In addition to providing legitimate and attack traffic models for dictionary construction, the suggested technique may be used to network traffic as well. Matching Pursuit and Wavelet-based DDoS detection algorithms are also implemented and compared using two separate data sets. Despite the difficulties in identifying LR-DoS attacks, the results of the study show that our technique has a detection accuracy of 89%. DDoS attacks are explained for each type of DDoS, and how SDN weaknesses may be exploited. We conclude that machine learning-based DDoS detection mechanisms and cutoff point DDoS detection techniques are the two most prevalent methods used to identify DDoS attacks in SDN. More significantly, the generational process, benefits, and limitations of each DDoS detection system are explained. This is the case in our testing environment, where the intrusion detection system (IDS) is able to block all previously identified threats
DOI10.1109/ACCAI53970.2022.9752607
Citation Keyfenil_towards_2022