Proposed approach to detect distributed denial of service attacks in software defined network using machine learning algorithms

SDN (Software Defined Network) is rapidly gaining importance of ‘programmable network’ infrastructure. The SDN architecture separates the Data plane (forwarding devices) and Control plane (controller of the SDN). This makes it easy to deploy new versions to the infrastructure and provides straightforward network virtualization. Distributed Denial-of-Service attack is a major cyber security threat to the SDN. It is equally vulnerable to both data plane and control plane. In this paper, machine learning algorithms such as Naïve Bayesian, KNN, K Means, K-Medoids, Linear Regression, use to classify the incoming traffic as usual or unusual. Above mentioned algorithms are measured using the two metrics: accuracy and detection rate. The best fit algorithm is applied to implement the signature IDS which forms the module 1 of the proposed IDS. Second Module uses open connections to state the exact node which is an attacker and to block that particular IP address by placing it in Access Control List (ACL), thus increasing the processing speed of SDN as a whole.

[1]  Casimer DeCusatis,et al.  Predicting network attack patterns in SDN using machine learning approach , 2016, 2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN).

[2]  Mohammed Moin Mulla,et al.  Detection of distributed denial of service attacks in software defined networks , 2016, 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[3]  Wolfgang Kellerer,et al.  Detecting and mitigating denial of service attacks against the data plane in software defined networks , 2017, 2017 IEEE Conference on Network Softwarization (NetSoft).

[4]  D. Sharmila,et al.  Predicting Application Layer DDoS Attacks Using Machine Learning Algorithms , 2015 .

[5]  Marek Amanowicz,et al.  On Efficiency of Selected Machine Learning Algorithms for Intrusion Detection in Software Defined Networks , 2016 .

[6]  Chuang Lin,et al.  On Denial of Service Attacks in Software Defined Networks , 2016, IEEE Network.

[7]  Mauro Conti,et al.  Amplified Distributed Denial of Service Attack in Software Defined Networking , 2016, 2016 8th IFIP International Conference on New Technologies, Mobility and Security (NTMS).