A New Machine Learning-based Collaborative DDoS Mitigation Mechanism in Software-Defined Network

Software Defined Network (SDN) is a revolutionary idea to realize software-driven network with the separation of control and data planes. In essence, SDN addresses the problems faced by the traditional network architecture; however, it may as well expose the network to new attacks. Among other attacks, distributed denial of service (DDoS) attacks are hard to contain in such software-based networks. Existing DDoS mitigation techniques either lack in performance or jeopardize the accuracy of the attack detection. To fill the voids, we propose in this paper a machine learning-based DDoS mitigation technique for SDN. First, we create a model for DDoS detection in SDN using NSL-KDD dataset and then after training the model on this dataset, we use real DDoS attacks to assess our proposed model. Obtained results show that the proposed technique equates favorably to the current techniques with increased performance and accuracy.

[1]  Biao Han,et al.  SDN-Based DDoS Attack Detection with Cross-Plane Collaboration and Lightweight Flow Monitoring , 2017, GLOBECOM 2017 - 2017 IEEE Global Communications Conference.

[2]  S. P. Shantharajah,et al.  A Study on NSL-KDD Dataset for Intrusion Detection System Based on Classification Algorithms , 2015 .

[3]  Wei Zhang,et al.  Semantics-Based Online Malware Detection: Towards Efficient Real-Time Protection Against Malware , 2016, IEEE Transactions on Information Forensics and Security.

[4]  Manoj Singh Gaur,et al.  A comprehensive and effective mechanism for DDoS detection in SDN , 2017, 2017 IEEE 13th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[5]  Seemab Latif,et al.  Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques , 2014, 2014 National Software Engineering Conference.

[6]  D. G. Narayan,et al.  Detection of distributed denial of service attacks using machine learning algorithms in software defined networks , 2017, 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[7]  Jihun Moon,et al.  Access control of MTC devices using reinforcement learning approach , 2017, 2017 International Conference on Information Networking (ICOIN).

[8]  Sufian Hameed,et al.  Leveraging SDN for collaborative DDoS mitigation , 2017, 2017 International Conference on Networked Systems (NetSys).

[9]  Georgios Kambourakis,et al.  Lightweight algorithm for protecting SDN controller against DDoS attacks , 2017, 2017 10th IFIP Wireless and Mobile Networking Conference (WMNC).

[10]  Mohammed Moin Mulla,et al.  Detection of distributed denial of service attacks in software defined networks , 2016, 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[11]  Dijiang Huang,et al.  A Defense System for Defeating DDoS Attacks in SDN based Networks , 2017, MobiWac.

[12]  Sandhya,et al.  A survey: Hybrid SDN , 2017, J. Netw. Comput. Appl..

[13]  David K. Y. Yau,et al.  Realtime DDoS Defense Using COTS SDN Switches via Adaptive Correlation Analysis , 2018, IEEE Transactions on Information Forensics and Security.