uitSDD: Protect software defined networks from distributed denial-of-service using multi machine learning models

uitSDD: Protect software defined networks from distributed denial-of-service using multi machine learning models

연구 분야: Networking

학회: Cluster Computing

The escalating risks to network security, stemming from the continual evolution of network infrastructure and application systems, have significantly impacted system availability, with distributed denial of service (DDoS) attacks standing out as a particularly disruptive threat capable of overwhelming and even incapacitating systems. In response, this study introduces a comprehensive system (named uitSDD) designed to detect and mitigate DDoS attacks within software-defined networks (SDNs). Our proposed solution involves a multi-modules architecture operating as an intrusion prevent system, strategically engineered for seamless integration into the Controller device. The system’s functionality includes the periodic extraction of multiple parameters from flow entries on the OpenFlow switch, complemented by machine learning models, enabling the identification of abnormal packets infiltrating the system. Upon detecting an attack, the controller promptly dispatches policies to the OpenFlow switch, initiating the removal of malicious packets. This autonomous system employs common machine learning algorithms and real-time processes to detect and counteract attacks on OpenFlow Switches. The study evaluates the system’s performance using four distinct algorithms such as Decision Tree, K-Nearest neighbors (KNN), Random Forest, and support vector machine (SVM). Notably, when utilizing the CIC-DDOS2019 dataset to evaluate machine learning algorithms in detecting DDoS attacks, the Decision Tree algorithm exhibits the highest F1-score at 99.87%.