DDoS Attack Detection Method Based on Improved KNN With the Degree of DDoS Attack in Software-Defined Networks

被引:107
作者
Dong, Shi [1 ]
Sarem, Mudar [2 ,3 ]
机构
[1] Zhoukou Normal Univ, Sch Comp Sci & Technol, Zhoukou 466001, Peoples R China
[2] Huazhong Univ Sci & Technol, Sch Comp Sci & Technol, Wuhan 430074, Peoples R China
[3] Gen Org Remote Sensing, Damascus 12586, Syria
来源
IEEE ACCESS | 2020年 / 8卷
关键词
DDoS attack; traffic behavior; software defined networking; gain value; INTRUSION DETECTION; SDN;
D O I
10.1109/ACCESS.2019.2963077
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The Distributed Denial of Service (DDoS) attack has seriously impaired network availability for decades and still there is no effective defense mechanism against it. However, the emerging Software Defined Networking (SDN) provides a newway to reconsider the defense against DDoS attacks. In this paper, we propose two methods to detect the DDoS attack in SDN. One method adopts the degree of DDoS attack to identify the DDoS attack. The other method uses the improved K-Nearest Neighbors (KNN) algorithm based on Machine Learning (ML) to discover the DDoS attack. The results of the theoretical analysis and the experimental results on datasets show that our proposed methods can better detect the DDoS attack compared with other methods.
引用
收藏
页码:5039 / 5048
页数:10
相关论文
共 25 条
[1]  
[Anonymous], 2014, Discovering Knowledge in Data, P149, DOI DOI 10.1002/9781118874059.CH7
[2]  
[Anonymous], [No title captured]
[3]  
[Anonymous], [No title captured]
[4]   DDoS detection and defense mechanism based on cognitive-inspired computing in SDN [J].
Cui, Jie ;
Wang, Mingjun ;
Luo, Yonglong ;
Zhong, Hong .
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2019, 97 :275-283
[5]   Fast Defense System Against Attacks in Software Defined Networks [J].
De Assis, Marcos V. O. ;
Novaes, Matheus P. ;
Zerbini, Cinara B. ;
Carvalho, Luiz F. ;
Abrao, Taufik ;
Proenca, Mario L., Jr. .
IEEE ACCESS, 2018, 6 :69620-69639
[6]   A Survey on Distributed Denial of Service (DDoS) Attacks in SDN and Cloud Computing Environments [J].
Dong, Shi ;
Abbas, Khushnood ;
Jain, Raj .
IEEE ACCESS, 2019, 7 :80813-80828
[7]   An introduction to ROC analysis [J].
Fawcett, Tom .
PATTERN RECOGNITION LETTERS, 2006, 27 (08) :861-874
[8]   Mining network data for intrusion detection through combining SVMs with ant colony networks [J].
Feng, Wenying ;
Zhang, Qinglei ;
Hu, Gongzhu ;
Huang, Jimmy Xiangji .
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2014, 37 :127-140
[9]  
Fonseca P, 2012, IEEE IFIP NETW OPER, P933, DOI 10.1109/NOMS.2012.6212011
[10]   Naive Bayes for regression [J].
Frank, E ;
Trigg, L ;
Holmes, G ;
Witten, IH .
MACHINE LEARNING, 2000, 41 (01) :5-25
123