首页    期刊浏览 2024年12月01日 星期日
登录注册

文章基本信息

  • 标题:Machine Learning-based Distributed Denial of Service Attacks Detection Technique using New Features in Software-defined Networks
  • 本地全文:下载
  • 作者:Waheed G. Gadallah ; Nagwa M. Omar ; Hosny M. Ibrahim
  • 期刊名称:International Journal of Computer Network and Information Security
  • 印刷版ISSN:2074-9090
  • 电子版ISSN:2231-4946
  • 出版年度:2021
  • 卷号:13
  • 期号:3
  • 页码:15-27
  • DOI:10.5815/ijcnis.2021.03.02
  • 出版社:MECS Publisher
  • 摘要:Software-Defined Networking is a new network architecture that separates control and data planes. It has central network control and programmability facilities, so it improves manageability, scaling, and performance. However, it may suffer from creating a single point of failure against the controller, which represents the network control plane. So, defending the controller against attacks such as a distributed denial of service attack is a valuable and urgent issue. The advances of this paper are to implement an accurate and significant method to detect this attack with high accuracy using machine learning-based algorithms exploiting new advanced features obtained from traffic flow information and statistics. The developed model is trained with kernel radial basis function. The technique uses advanced features such as unknown destination addresses, packets inter-arrival time, transport layer protocol header, and type of service header. To the best knowledge of the authors, the proposed approach of the paper had not been used before. The proposed work begins with generating both normal and attack traffic flow packets through the network. When packets reach the controller, it extracts their headers and performs necessary flow calculations to get the needed features. The features are used to create a dataset that is used as an input to linear support vector machine classifier. The classifier is used to train the model with kernel radial basis function. Methods such as Naive Bayes, K-Nearest Neighbor, Decision Tree, and Random Forest are also utilized and compared with the SVM model to improve the detection operation. Hence, suspicious senders are blocked and their information is stored. The experimental results prove that the proposed technique detects the attack with high accuracy and low false alarm, compared to other related techniques.
  • 关键词:Software-Defined Networking;Distributed Denial of Service;Machine Learning;Support Vector Machine
国家哲学社会科学文献中心版权所有