Journals : Accents Journal

ACCENTS Journals

A Unit of ACCENTS

(Publisher of Peer Reviewed Open Access Journals)

International Journal of Advanced Technology and Engineering Exploration (IJATEE)

ISSN (Print):2394-5443 ISSN (Online):2394-7454

Volume-8 Issue-82 September-2021

Full-Text PDF

Paper Title

A DDoS defence framework in software defined network using ensemble classifier with rough set theory based feature selection

Author Name

Riyad AM

Abstract

The network traffic is getting increased day by day with the increase in the usage of the internet and related technologies such as cloud computing, Internet of Things (IoT), and big data. However, the traditional Internet Protocol (IP) based network struggles with adopting the huge network traffic through scalability, controllability as well as manageability for which software defined network has become an alternative. It meets the requirements of modern technologies in which the control is centralized over the network. Due to the increased popularity and usage, the security of the Software Defined Networking (SDN) is often compromised. Distributed Denial of Service (DDoS) attack is a major threat that suppresses the service of the SDN network. This paper focuses on providing a defence framework for SDN against DDoS attacks with two main phases. The DDoS prevention phase implemented at the data plane is responsible for preventing attacks packets through simple flow analysis. The DDoS detection phase at the control plane extracts the features from the incoming packets on which the rough set theory-based entropy is applied to select the significant features. Later ensemble classifier categorizes the flow as normal or attack. The flow rules are updated based on the obtained results. The proposed model has experimented with two publicly available datasets and the analysis are made with the obtained results. The proposed model has better precision values in predicting the flow as benign or attack with the values 96.3% and 96.12% respectively. The result analysis proves that the proposed model outperforms various other existing models in classifying DDoS attacks.

Keywords

Software defined networks, Distributed denial of attack, Flow analysis, Ensemble classifier, Rough set theory, Entropy.

Cite this article

AM R. A DDoS defence framework in software defined network using ensemble classifier with rough set theory based feature selection. International Journal of Advanced Technology and Engineering Exploration. 2021; 8(82):1120-1135. DOI:10.19101/IJATEE.2021.874477.

References

[1]Polat H, Polat O, Cetin A. Detecting DDoS attacks in software-defined networks through feature selection methods and machine learning models. Sustainability. 2020; 12(3):1-16.
[Crossref]	[Google Scholar]

[2]Kreutz D, Ramos FM, Verissimo PE, Rothenberg CE, Azodolmolky S, Uhlig S. Software-defined networking: a comprehensive survey. Proceedings of the IEEE. 2014; 103(1):14-76.
[Crossref]	[Google Scholar]

[3]Sahoo KS, Puthal D, Obaidat MS, Sarkar A, Mishra SK, Sahoo B. On the placement of controllers in software-defined-WAN using meta-heuristic approach. Journal of Systems and Software. 2018; 145:180-94.
[Crossref]	[Google Scholar]

[4]Yin D, Zhang L, Yang K. A DDoS attack detection and mitigation with software-defined internet of things framework. IEEE Access. 2018; 6:24694-705.
[Crossref]	[Google Scholar]

[5]Ujjan RM, Pervez Z, Dahal K, Khan WA, Khattak AM, Hayat B. Entropy based features distribution for anti-DDoS model in SDN. Sustainability. 2021; 13(3):1-27.
[Crossref]	[Google Scholar]

[6]https://www.cisco.com/c/en/us/solutions/collateral/executive-perspectives/annual-internet-report/white-paper-c11-741490.html. Accessed 17 September 2021.

[7]Saravanan A, Ahmed MI, Bama SS. Automated policy based remote attestation in trusted computing. ARPN Journal of Engineering and Applied Sciences. 2016; 11(7):4485-91.
[Google Scholar]

[8]Akhunzada A, Ahmed E, Gani A, Khan MK, Imran M, Guizani S. Securing software defined networks: taxonomy, requirements, and open issues. IEEE Communications Magazine. 2015; 53(4):36-44.
[Crossref]	[Google Scholar]

[9]Kalkan K, Gür G, Alagöz F. SDNScore: a statistical defense mechanism against DDoS attacks in SDN environment. In symposium on computers and communications 2017 (pp. 669-75). IEEE.
[Crossref]	[Google Scholar]

[10]Andishmand R, Mohammdi H, Mostafavi S. Detection and analysis of DDoS attacks in software-defined networks. Computer Security and Reliability.2020.
[Google Scholar]

[11]Dehkordi AB, Soltanaghaei M, Boroujeni FZ. The DDoS attacks detection through machine learning and statistical methods in SDN. The Journal of Supercomputing. 2021; 77(3):2383-415.
[Crossref]	[Google Scholar]

[12]Conti M, Lal C, Mohammadi R, Rawat U. Lightweight solutions to counter DDoS attacks in software defined networking. Wireless Networks. 2019; 25(5):2751-68.
[Crossref]	[Google Scholar]

[13]Santos R, Souza D, Santo W, Ribeiro A, Moreno E. Machine learning algorithms to detect DDoS attacks in SDN. Concurrency and Computation: Practice and Experience. 2020; 32(16).
[Crossref]	[Google Scholar]

[14]Yang L, Zhao H. DDoS attack identification and defense using SDN based on machine learning method. In 15th international symposium on pervasive systems, algorithms and networks (I-SPAN) 2018 (pp. 174-8). IEEE.
[Crossref]	[Google Scholar]

[15]Ali M, Benamrane F, Luong DK, Hu YF, Li JP, Abdo K. An AI based approach to secure SDN enabled future avionics communications network against DDoS attacks. In digital avionics systems conference 2019 (pp. 1-7). IEEE.
[Crossref]	[Google Scholar]

[16]Yu S, Zhang J, Liu J, Zhang X, Li Y, Xu T. A cooperative DDoS attack detection scheme based on entropy and ensemble learning in SDN. EURASIP Journal on Wireless Communications and Networking. 2021.
[Crossref]	[Google Scholar]

[17]Manso P, Moura J, Serrão C. SDN-based intrusion detection system for early detection and mitigation of DDoS attacks. Information. 2019; 10(3):1-17.
[Crossref]	[Google Scholar]

[18]Priyadarshini R, Barik RK. A deep learning based intelligent framework to mitigate DDoS attack in fog environment. Journal of King Saud University-Computer and Information Sciences. 2019:1-7.
[Crossref]	[Google Scholar]

[19]Joëlle MM, Park YH. Strategies for detecting and mitigating DDoS attacks in SDN: a survey. Journal of Intelligent & Fuzzy Systems. 2018; 35(6):5913-25.
[Google Scholar]

[20]Karan BV, Narayan DG, Hiremath PS. Detection of DDoS attacks in software defined networks. In 3rd international conference on computational systems and information technology for sustainable solutions 2018 (pp. 265-70). IEEE.
[Crossref]	[Google Scholar]

[21]Meti N, Narayan DG, Baligar VP. Detection of distributed denial of service attacks using machine learning algorithms in software defined networks. In international conference on advances in computing, communications and informatics 2017 (pp. 1366-71). IEEE.
[Crossref]	[Google Scholar]

[22]Fitriani S, Mandala S, Murti MA. Review of semi-supervised method for intrusion detection system. In Asia pacific conference on multimedia and broadcasting 2016 (pp. 36-41). IEEE.
[Crossref]	[Google Scholar]

[23]Sharma S, Sahu SK, Jena SK. On selection of attributes for entropy based detection of DDoS. In international conference on advances in computing, communications and informatics 2015 (pp. 1096-100). IEEE.
[Crossref]	[Google Scholar]

[24]Mehdi SA, Khalid J, Khayam SA. Revisiting traffic anomaly detection using software defined networking. In international workshop on recent advances in intrusion detection 2011 (pp. 161-80). Springer, Berlin, Heidelberg.
[Crossref]	[Google Scholar]

[25]Omar T, Ho A, Urbina B. Detection of DDoS in SDN environment using entropy-based detection. Califonia State Polytechnic University.
[Google Scholar]

[26]Carvalho RN, Bordim JL, Alchieri EA. Entropy-based DoS attack identification in SDN. In international parallel and distributed processing symposium workshops 2019 (pp. 627-34). IEEE.
[Crossref]	[Google Scholar]

[27]Ahmed ME, Ullah S, Kim H. Statistical application fingerprinting for DDoS attack mitigation. IEEE Transactions on Information Forensics and Security. 2018; 14(6):1471-84.
[Crossref]	[Google Scholar]

[28]Durner R, Lorenz C, Wiedemann M, Kellerer W. Detecting and mitigating denial of service attacks against the data plane in software defined networks. In conference on network softwarization 2017 (pp. 1-6). IEEE.
[Crossref]	[Google Scholar]

[29]Gkountis C, Taha M, Lloret J, Kambourakis G. Lightweight algorithm for protecting SDN controller against DDoS attacks. In IFIP wireless and mobile networking conference 2017 (pp. 1-6). IEEE.
[Crossref]	[Google Scholar]

[30]Sahay R, Blanc G, Zhang Z, Debar H. ArOMA: an SDN based autonomic DDoS mitigation framework. Computers & Security. 2017; 70:482-99.
[Crossref]	[Google Scholar]

[31]Sharma PK, Singh S, Park JH. OpCloudSec: open cloud software defined wireless network security for the internet of things. Computer Communications. 2018; 122:1-8.
[Crossref]	[Google Scholar]

[32]Singh J, Behal S. Detection and mitigation of DDoS attacks in SDN: a comprehensive review, research challenges and future directions. Computer Science Review. 2020.
[Crossref]	[Google Scholar]

[33]Aamir M, Zaidi SM. Clustering based semi-supervised machine learning for DDoS attack classification. Journal of King Saud University-Computer and Information Sciences. 2019; 33(4):436-46.
[Crossref]	[Google Scholar]

[34]Ye J, Cheng X, Zhu J, Feng L, Song L. A DDoS attack detection method based on SVM in software defined network. Security and Communication Networks. 2018:1-8.
[Crossref]	[Google Scholar]

[35]Tuan NN, Hung PH, Nghia ND, Tho NV, Phan TV, Thanh NH. A DDoS attack mitigation scheme in ISP networks using machine learning based on SDN. Electronics. 2020; 9(3):1-19.
[Crossref]	[Google Scholar]

[36]Phan TV, Bao NK, Park M. A novel hybrid flow-based handler with DDoS attacks in software-defined networking. In conferences on ubiquitous intelligence & computing, advanced and trusted computing, scalable computing and communications, cloud and big data computing, internet of people, and smart world congress (UIC/ATC/ScalCom/CBDCom/IoP/SmartWorld) 2016 J (pp. 350-7). IEEE.
[Crossref]	[Google Scholar]

[37]Mehmood A, Mukherjee M, Ahmed SH, Song H, Malik KM. NBC-MAIDS: naïve bayesian classification technique in multi-agent system-enriched IDS for securing IoT against DDoS attacks. The Journal of Supercomputing. 2018; 74(10):5156-70.
[Crossref]	[Google Scholar]

[38]Ravi N, Shalinie SM. Learning-driven detection and mitigation of DDoS attack in IoT via SDN-cloud architecture. IEEE Internet of Things Journal. 2020; 7(4):3559-70.
[Crossref]	[Google Scholar]

[39]Alshamrani A, Chowdhary A, Pisharody S, Lu D, Huang D. A defense system for defeating DDoS attacks in SDN based networks. In proceedings of the ACM international symposium on mobility management and wireless access 2017(pp. 83-92).
[Crossref]	[Google Scholar]

[40]Yang X, Han B, Sun Z, Huang J. SDN-based ddos attack detection with cross-plane collaboration and lightweight flow monitoring. In global communications conference 2017 (pp. 1-6). IEEE.
[Crossref]	[Google Scholar]

[41]Saravanan A, Bama SS, Kadry S, Ramasamy LK. A new framework to alleviate DDoS vulnerabilities in cloud computing. International Journal of Electrical & Computer Engineering. 2019; 9(5): 4163−75.
[Crossref]	[Google Scholar]

[42]Saravana A, Sathya BS. Multi model anti DDoS framework for detection and mitigation of high rate DDoS attacks in the cloud environment. International Journal of Scientific & Technology Research. 2020; 9(3):4503-11.

[43]Hu D, Hong P, Chen Y. FADM: DDoS flooding attack detection and mitigation system in software-defined networking. In global communications conference 2017 (pp. 1-7). IEEE.
[Crossref]	[Google Scholar]

[44]Irfan AMS, Riyad AM. Rough set theory based entropy approach for feature selection in adaptive intrusion detection system. International Journal of Scientific & Technology Research, 2020; 9(3):5734-5740.

[45]http://ntwag.sourceforge.net/. Accessed 17 September 2021.

[46]http://nsl.cs.unb.ca/nsl-kdd/. Accessed 17 September 2021.

[47]Bama SS, Ahmed MI, Saravanan A. A survey on performance evaluation measures for information retrieval system. International Research Journal of Engineering and Technology. 2015; 2(2):1015-20.
[Google Scholar]