The DDoS attacks detection through machine learning and statistical methods in SDN

被引：128

作者：

Dehkordi, Afsaneh Banitalebi ^{[1
]}

Soltanaghaei, MohammadReza ^{[1
]}

Boroujeni, Farsad Zamani ^{[1
]}

机构：

[1] Islamic Azad Univ, Isfahan Khorasgan Branch, Dept Comp Engn, Esfahan, Iran

来源：

JOURNAL OF SUPERCOMPUTING | 2021年 / 77卷 / 03期

关键词：

Distributed denial-of-service attacks; Software-defined networks; High-volume DDoS attack; Low-volume DDoS attack; Network security; SOFTWARE; SECURITY; DEFENSE;

D O I：

10.1007/s11227-020-03323-w

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

The distributed denial-of-service (DDoS) attack is a security challenge for the software-defined network (SDN). The different limitations of the existing DDoS detection methods include the dependency on the network topology, not being able to detect all DDoS attacks, applying outdated and invalid datasets and the need for powerful and costly hardware infrastructure. Applying static thresholds and their dependency on old data in previous periods reduces their flexibility for new attacks and increases the attack detection time. A new method detects DDoS attacks in SDN. This method consists of the three collector, entropy-based and classification sections. The experimental results obtained by applying the UNB-ISCX, CTU-13 and ISOT datasets indicate that this method outperforms its counterparts in terms of accuracy in detecting DDoS attacks in SDN.

引用

页码：2383 / 2415

页数：33

共 41 条

[1]

Abbott D., 2011, Linux for Embedded and Real-Time Applications

[2] Low rate cloud DDoS attack defense method based on power spectral density analysis [J].

Agrawal, Neha ;

Tapaswi, Shashikala .

INFORMATION PROCESSING LETTERS, 2018, 138 :44-50

[3] Security enhancement for software defined network using game theoretical approach [J].

Anithaashri, T. P. ;

Ravichandran, G. ;

Baskaran, R. .

COMPUTER NETWORKS, 2019, 157 :112-121

[4]

[Anonymous], 2016, J COMP SCI ITS APPL

[5]

Asadollahi S, 2017, 2017 INTERNATIONAL CONFERENCE ON ELECTRICAL, ELECTRONICS, COMMUNICATION, COMPUTER, AND OPTIMIZATION TECHNIQUES (ICEECCOT), P288

[6] A Comparative Analysis of Machine Learning Techniques for Botnet Detection [J].

Bansal, Ankit ;

Mahapatra, Sudipta .

SIN'17: PROCEEDINGS OF THE 10TH INTERNATIONAL CONFERENCE ON SECURITY OF INFORMATION AND NETWORKS, 2017, :91-98

[7] D-FACE: An anomaly based distributed approach for early detection of DDoS attacks and flash events [J].

Behal, Sunny ;

Kumar, Krishan ;

Sachdeva, Monika .

JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2018, 111 :49-63

[8]

Bhamare D., 2016, 2016 INT C INF SCI S, DOI DOI 10.1109/ICISSEC.2016.7885853

[9]

Catania Carlos, 2013, 2013 IEEE 7th International Conference on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS), P655, DOI 10.1109/IDAACS.2013.6663006

[10]

Chen R, 2017, MATH PROBL ENG 2017, P2017

← 1 2 3 4 5 →