LION IDS: A meta-heuristics approach to detect DDoS attacks against Software-Defined Networks

被引:44
作者
Arivudainambi, D. [1 ]
Kumar, Varun K. A. [1 ]
Chakkaravarthy, S. Sibi [2 ]
机构
[1] Anna Univ, Dept Math, Chennai, Tamil Nadu, India
[2] Anna Univ, Madras Inst Technol, Dept Elect Engn, Chennai, Tamil Nadu, India
关键词
Software-Defined Networks; Distributed Denial of Service; Lion optimization algorithm; Security;
D O I
10.1007/s00521-018-3383-7
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Most of the enterprises are transforming their conventional networks into Software-Defined Network (SDN) to avail the cost efficiency and network flexibility. But recent attacks and security breaches against SDNs expose the security weakness of the technology. Distributed Denial of Service (DDoS) is the most common attack launched against various SDN architecture layers. Hence, DDoS has been claimed to be the most dangerous attack and threat to SDN. The existing mitigation techniques are traffic volumetric methods, entropical methods and traffic flow analysis methods. They depend on traffic sampling to achieve truly inline against DDoS detection accuracy in real time. However, traffic sampling-based methods are expensive with chances for incomplete approximation of underlying traffic patterns being very high. Early detection of DDoS attack in the controller is critical and requires highly adaptive and accurate methods. In this paper, an effective and accurate DDoS detection method using Lion optimization algorithm is proposed. The proposed detection technique is robust enough to detect DDoS attack within the least magnitude of attack traffic. Further, to evaluate the performance, the proposed method is compared with the state-of-the-art techniques. The outcome of this paper is current method limitation and scope for improvement depicted from overall study and analysis. The experimental results have proved that the proposed method outperforms the existing state-of-the-art methods with 96% accuracy.
引用
收藏
页码:1491 / 1501
页数:11
相关论文
共 22 条
[1]   Intrusion detection using a fuzzy genetics-based learning algorithm [J].
Abadeh, M. Sanlee ;
Habibi, J. ;
Lucas, C. .
JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2007, 30 (01) :414-428
[2]  
Chan YTF, 2008, 2008 THIRD INTERNATIONAL CONFERENCE ON DIGITAL INFORMATION MANAGEMENT, VOLS 1 AND 2, P593
[3]  
Chen HH, 2016, J INF SCI ENG, V32, P995
[4]  
Gao H-H, 2005, INT C MACH LEARN CYB, DOI DOI 10.1109/ICMLC.2005.1527615
[5]  
Hamamoto AH, 2015, 2015 34TH INTERNATIONAL CONFERENCE OF THE CHILEAN COMPUTER SCIENCE SOCIETY (SCCC)
[6]  
Hamedi-Hamzehkolaie M, 2012, 6 INT S TEL, DOI [10. 1109/istel. 2012. 6483158. 10, DOI 10.1109/ISTEL.2012.6483158.10]
[7]  
Jakaria AHM, 2017, SDN NFV SEC 17
[8]   SDN Control Plane Security in Cloud Computing Against DDoS Attack [J].
Khimabhai, Yadav Ashok ;
Rohokale, Vandana .
INTERNATIONAL CONFERENCE ON ADVANCES IN INFORMATION COMMUNICATION TECHNOLOGY & COMPUTING, 2016, 2016,
[9]  
Lee JH, 2011, INNOVATIVE MOBILE IN, DOI [10. 1109/imis. 2011. 116, DOI 10.1109/IMIS.2011.116]
[10]   Botnet Detection Using Support Vector Machines with Artificial Fish Swarm Algorithm [J].
Lin, Kuan-Cheng ;
Chen, Sih-Yang ;
Hung, Jason C. .
JOURNAL OF APPLIED MATHEMATICS, 2014,