Universiti Teknologi Malaysia Institutional Repository

Collaborative detection and mitigation of DDoS in software-defined networks

Tayfour, O. E. and Marsono, M. N. (2021) Collaborative detection and mitigation of DDoS in software-defined networks. Journal of Supercomputing, 77 (11). pp. 13166-13190. ISSN 0920-8542

Full text not available from this repository.

Official URL: http://dx.doi.org/10.1007/s11227-021-03782-9

Abstract

This research presents the detection and mitigation of distributed denial of service (DDoS) in software defined networks (SDN). The proposed method consists of three modules: classifier module, mitigation module, and collaborative module. An ensemble classifier called V-NKDE is capable of detecting DDoS attacks accurately. The mitigation module blocks malicious traffics and purges entries of malicious traffic from the switch flow table. The collaborative module shares DDoS detection and mitigation rules among multiple SDN controllers using Redis Simple Message Queue mechanism. The proposed classifier performance validation on InSDN2020, CICIDS2017, NSL-KDD and UNSW-NB15 datasets. Furthermore we evaluated our proposed classifier in real traffic on an SDN simulation tested. The results show that the proposed method can detect DDoS attacks with high accuracy using an ensemble classifier, which performs better than single classifiers. More importantly, the false positive rate is greatly reduced, showing detection and mitigation of DDoS attacks across multi-controller domains with low controller overhead.

Item Type:Article
Uncontrolled Keywords:distributed denial-of-service, ensemble classifier, machine learning
Subjects:T Technology > TK Electrical engineering. Electronics Nuclear engineering
Divisions:Electrical Engineering
ID Code:95410
Deposited By: Narimah Nawil
Deposited On:31 May 2022 12:37
Last Modified:31 May 2022 12:37

Repository Staff Only: item control page