Machine Learning Approach Equipped with Neighbourhood Component Analysis for DDoS Attack Detection in Software-Defined Networking

The Software-Defined Network (SDN) is a new network paradigm that promises more dynamic and efficiently manageable network architecture for new-generation networks. With its programmable central controller approach, network operators can easily manage and control the whole network. However, at the same time, due to its centralized structure, it is the target of many attack vectors. Distributed Denial of Service (DDoS) attacks are the most effective attack vector to the SDN. The purpose of this study is to classify the SDN traffic as normal or attack traffic using machine learning algorithms equipped with Neighbourhood Component Analysis (NCA). We handle a public “DDoS attack SDN Dataset” including a total of 23 features. The dataset consists of Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Internet Control Message Protocol (ICMP) normal and attack traffics. The dataset, including more than 100 thousand recordings, has statistical features such as byte_count, duration_sec, packet rate, and packet per flow, except for features that define source and target machines. We use the NCA algorithm to reveal the most relevant features by feature selection and perform an effective classification. After preprocessing and feature selection stages, the obtained dataset was classified by k-Nearest Neighbor (kNN), Decision Tree (DT), Artificial Neural Network (ANN), and Support Vector Machine (SVM) algorithms. The experimental results show that DT has a better accuracy rate than the other algorithms with 100% classification achievement.

[1]  Enchun Shao,et al.  Encoding IP Address as a Feature for Network Intrusion Detection , 2019 .

[2]  Hayit Greenspan,et al.  GAN-based Synthetic Medical Image Augmentation for increased CNN Performance in Liver Lesion Classification , 2018, Neurocomputing.

[3]  Zafer Cömert,et al.  Comparison of Machine Learning Techniques for Fetal Heart Rate Classification , 2017 .

[4]  Manju Khari,et al.  An Evolutionary SVM Model for DDOS Attack Detection in Software Defined Networks , 2020, IEEE Access.

[5]  J. L. Hodges,et al.  Discriminatory Analysis - Nonparametric Discrimination: Consistency Properties , 1989 .

[6]  Juan Felipe Botero,et al.  Security in SDN: A comprehensive survey , 2020, J. Netw. Comput. Appl..

[7]  Emin Anarım,et al.  Boğaziçi University distributed denial of service dataset , 2020, Data in brief.

[8]  Kazim Yildiz,et al.  Detection of DDoS attacks with feed forward based deep neural network model , 2021, Expert Syst. Appl..

[9]  Ladislav Huraj,et al.  The Vulnerability of the Production Line Using Industrial IoT Systems under DDoS Attack , 2021, Electronics.

[10]  Gaurav Singal,et al.  DDOS attack SDN Dataset , 2020 .

[11]  Mouhammd Alkasassbeh,et al.  An empirical evaluation for the intrusion detection features based on machine learning and feature selection methods , 2017, ArXiv.

[12]  P. Santhi Thilagam,et al.  DDoS Attacks at the Application Layer: Challenges and Research Perspectives for Safeguarding Web Applications , 2019, IEEE Communications Surveys & Tutorials.

[13]  Yuksel Celik,et al.  Otitis media diagnosis model for tympanic membrane images processed in two-stage processing blocks , 2020 .

[14]  K. Muthamil Sudar,et al.  Design of Ensemble Learning Methods for DDoS Detection in SDN Environment , 2019, 2019 International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN).

[15]  Natarajan Sriraam,et al.  Classification of focal and non-focal EEG signals using neighborhood component analysis and machine learning algorithms , 2018, Expert Syst. Appl..

[16]  Ali Kashif Bashir,et al.  Towards sFlow and adaptive polling sampling for deep learning based DDoS detection in SDN , 2020, Future Gener. Comput. Syst..

[17]  Truong Thu Huong,et al.  Self-organizing map-based approaches in DDoS flooding detection using SDN , 2018, 2018 International Conference on Information Networking (ICOIN).

[18]  Decision Tree and Neural Network Based Hybrid Algorithm for Detecting and Preventing Ddos Attacks in VANETS , 2020, International Journal of Innovative Technology and Exploring Engineering.

[19]  Wei Yang,et al.  Neighborhood Component Feature Selection for High-Dimensional Data , 2012, J. Comput..

[20]  Martin T. Hagan,et al.  Neural network design , 1995 .

[21]  Mesut Toğaçar,et al.  Determination of Tympanic Membrane Region in the Middle Ear Otoscope Images with Convolutional Neural Network Based YOLO Method , 2020 .

[22]  Jianguo Zhou,et al.  A New Framework for DDoS Attack Detection and Defense in SDN Environment , 2020, IEEE Access.

[23]  S. Mercy Shalinie,et al.  Learning-Driven Detection and Mitigation of DDoS Attack in IoT via SDN-Cloud Architecture , 2020, IEEE Internet of Things Journal.

[24]  M. Shanthakumar,et al.  Adaptive Learning Method for DDoS Attacks on Software Defined Network Function Virtualization , 2020, EAI Endorsed Trans. Cloud Syst..

[25]  Ryozo Ooka,et al.  Influence of data preprocessing on neural network performance for reproducing CFD simulations of non-isothermal indoor airflow distribution , 2021 .

[26]  Robertas Damasevicius,et al.  LITNET-2020: An Annotated Real-World Network Flow Dataset for Network Intrusion Detection , 2020, Electronics.

[27]  Nhien-An Le-Khac,et al.  InSDN: A Novel SDN Intrusion Dataset , 2020, IEEE Access.

[28]  Soodeh Hosseini,et al.  The hybrid technique for DDoS detection with supervised learning algorithms , 2019, Comput. Networks.

[29]  Mehrdad Rostami,et al.  Review of Swarm Intelligence-based Feature Selection Methods , 2020, Eng. Appl. Artif. Intell..

[30]  Karan B. V.,et al.  Detection of DDoS Attacks in Software Defined Networks , 2018, 2018 3rd International Conference on Computational Systems and Information Technology for Sustainable Solutions (CSITSS).

[31]  Athanasios V. Vasilakos,et al.  Security in Software-Defined Networking: Threats and Countermeasures , 2016, Mobile Networks and Applications.

[32]  Dakai Zhu,et al.  A Flexible SDN-Based Architecture for Identifying and Mitigating Low-Rate DDoS Attacks Using Machine Learning , 2020, IEEE Access.

[33]  Gopal Singh Kushwah,et al.  Optimized extreme learning machine for detecting DDoS attacks in cloud computing , 2021, Comput. Secur..

[34]  Lu Wang,et al.  A DDoS Attack Detection Method Based on Information Entropy and Deep Learning in SDN , 2020, 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC).

[35]  Zafer CÖMERT,et al.  Identification of Haploid Maize Seeds using Gray Level Co-occurrence Matrix and Machine Learning Techniques , 2018, 2018 International Conference on Artificial Intelligence and Data Processing (IDAP).

[36]  Engin Avci,et al.  Intelligent system based on Genetic Algorithm and support vector machine for detection of myocardial infarction from ECG signals , 2018, 2018 26th Signal Processing and Communications Applications Conference (SIU).

[37]  Cömert Zafer,et al.  Fusing fine-tuned deep features for recognizing different tympanic membranes , 2020 .

[38]  Yang Xiao,et al.  A survey of distributed denial-of-service attack, prevention, and mitigation techniques , 2017, Int. J. Distributed Sens. Networks.

[39]  Eric R. Ziegel,et al.  The Elements of Statistical Learning , 2003, Technometrics.

[40]  Gaurav Singal,et al.  DLSDN: Deep Learning for DDOS attack detection in Software Defined Networking , 2021, 2021 11th International Conference on Cloud Computing, Data Science & Engineering (Confluence).

[41]  Wei Wei,et al.  Ensemble machine learning approaches for webshell detection in Internet of things environments , 2020, Trans. Emerg. Telecommun. Technol..

[42]  Tamer Abdelkader,et al.  Survey of Countering DoS/DDoS Attacks on SIP Based VoIP Networks , 2020, Electronics.

[43]  Chit Su Khin,et al.  Machine-Learning Based DDOS Attack Classifier in Software Defined Network , 2020, 2020 17th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON).

[44]  Yanhui Guo,et al.  NS-k-NN: Neutrosophic Set-Based k-Nearest Neighbors Classifier , 2017, Symmetry.

[45]  Siu-Ming Yiu,et al.  Efficient and secure multi-functional searchable symmetric encryption schemes , 2016, Secur. Commun. Networks.