A Collaborative Approach to Detecting DDoS Attacks in SDN Using Entropy and Deep Learning

• Autorzy: Narayan D. G. , Heena W. , Amit K.

Identyfikatory

DOI

10.26636/jtit.2024.3.1609

• Języki publikacji: EN

Abstrakty

EN

Software-defined networking (SDN) is an approach to network management allowing to enhance the performance of the network and making it more flexible. The centralized architecture of SDN makes it vulnerable to cyberattacks, especially distributed denial of service (DDoS) attacks. Existing research investigates the detection of DDoS attacks separately on the control plane and data plane. However, there is a need for efficient and accurate detection of these attacks using features obtained from both control and data planes. Therefore, we present a mechanism for identifying DDoS attacks using entropy, multiple feature selection mechanisms, and deep learning. Initially, we use entropy on the control plane to detect anomalous activity and identify suspicious switches. Next, we capture traffic on the suspicious switches to detect DDoS attacks. To detect these attacks, we utilize multi-layer perceptron (MLP) deep learning models, convolutional neural network (CNN), and the long short-term memory (LSTM) approach. An InSDN dataset is used to train the model and test data are generated using Mininet emulation and the Ryu controller. The results reveal that LSTM outperforms MLP and CNN, achieving an accuracy of 99.83%.

Słowa kluczowe

EN

DDoS; deep learning; LSTM; machine learning; random forest; SDN

• Wydawca: Instytut Łączności - Państwowy Instytut Badawczy
• Czasopismo: Journal of Telecommunications and Information Technology
• Rocznik: 2024
• Tom: nr 3
• Strony: 79--87
• Opis fizyczny: Bibliogr. 27 poz., rys., tab.

Twórcy

autor

Narayan D. G.

• KLE Technological University, Hubballi, Karnataka, India

• https://orcid.org/0000-0002-2843-8931

autor

Heena W.

• KLE Technological University, Hubballi, Karnataka, India

• https://orcid.org/0009-0009-7998-3049

autor

Amit K.

• KLE Technological University, Hubballi, Karnataka, India

• https://orcid.org/0000-0002-8917-8678

Bibliografia

• [1] B. Alhijawi et al., "A Survey on DoS/DDoS Mitigation Techniques in SDNs: Classification, Comparison, Solutions, Testing Tools and Datasets", Computers and Electrical Engineering, vol. 99, art. no. 107706, 2022.
• [2] A.A. Bahashwan et al., "A Systematic Literature Review on Machine Learning and Deep Learning Approaches for Detecting DDoS Attacks in Software-defined Networking", Sensors, vol. 23, no. 9, art. no. 4441, 2023.
• [3] I.A. Valdovinos, J.A. Pérez-Díaz, K.-K.R. Choo, and J.F. Botero, "Emerging DDoS Attack Detection and Mitigation Strategies in Software-defined Networks: Taxonomy, Challenges and Future Directions", Journal of Network and Computer Applications, vol. 187, art. no. 103093, 2021.
• [4] H. Zhang, L. Zhou, and J. Lei, "Renyi Entropy-based DDoS Attack Detection in SDN-based Networks", 2023 IEEE 3rd International Conference on Electronic Technology, Communication and Information (ICETCI), Changchun, China, 2023.
• [5] A. Makuvaza, D.S. Jat, and A.M. Gamundani, "Deep Neural Network (DNN) Solution for Real-time Detection of Distributed Denial of Service (DDoS) Attacks in Software Defined Networks (SDNs)", SN Computer Science, vol. 2, 2021.
• [6] L. Tan et al., "A New Framework for DDoS Attack Detection and Defense in SDN Environment", IEEE Access, vol. 8, pp. 161908-161919, 2020.
• [7] K. Kalkan, L. Altay, G. Gür, and F. Alagöz, "JESS: Joint Entropy-based DDoS Defense Scheme in SDN", IEEE Journal on Selected Areas in Communications, vol. 36, no. 10, pp. 2358-2372, 2018.
• [8] R.N. Carvalho, J.L. Bordim, and E.A.P. Alchieri, "Entropy-based DoS Attack Identification in SDN", 2019 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW), Rio de Janeiro, Brazil, 2019.
• [9] S. Yu et al., "A Cooperative DDoS Attack Detection Scheme Based on Entropy and Ensemble Learning in SDN", EURASIP Journal on Wireless Communications and Networking, 2021.
• [10] B. Han et al., "OverWatch: A Cross-plane DDoS Attack Defense Framework with Collaborative Intelligence in SDN", Security and Communication Networks, 2018.
• [11] A. Yadav et al., "A Hybrid Approach for Detection of DDoS Attacks Using Entropy and Machine Learning in Software Defined Networks", 2021 12th International Conference on Computing Communication and Networking Technologies (ICCCNT), Kharagpur, India, 2021.
• [12] B. Celesova, J. Val’ko, R. Grezo, and P. Helebrandt, "Enhancing Security of SDN Focusing on Control Plane and Data Plane", 2019 7th International Symposium on Digital Forensics and Security (ISDFS), Barcelos, Portugal, 2019.
• [13] Y. Wang et al., "SGS: Safe-guard Scheme for Protecting Control Plane Against DDoS Attacks in Software-defined Networking", IEEE Access, vol. 7, pp. 34699-34710, 2019.
• [14] W.G. Gadallah, N.M. Omar, and H.M. Ibrahim, "Machine Learning-based Distributed Denial of Service Attacks Detection Technique using New Features in Software-defined Networks", International Journal of Computer Network Information Security, vol. 13, no. 3, pp. 15-27, 2021.
• [15] Z. Liu, Y. He, W. Wang, and B. Zhang, "DDoS Attack Detection Scheme Based on Entropy and PSO-BP Neural Network in SDN", China Communications, vol. 16, no. 7, pp. 144-155, 2019.
• [16] H.S. Abdulkarem and A. Dawod, "DDoS Attack Detection and Mitigation at SDN Data Plane Layer", 2020 2nd Global Power, Energy and Communication Conference (GPECOM), Izmir, Türkiye, 2020.
• [17] R. Sanjeetha, A. Pattanaik, A. Gupta, and A. Kanavalli, "Early Detection and Diminution of DDoS Attack Instigated by Compromised Switches on the Controller in Software Defined Networks", 2019 IEEE International Conference on Distributed Computing, VLSI, Electrical Circuits and Robotics, Manipal, India, 2019.
• [18] A. Mishra, N. Gupta, and B.B. Gupta, "Defense Mechanisms Against DDoS Attack Based on Entropy in SDN-cloud Using POX Controller", Telecommunication Systems, vol. 77, pp. 47-62, 2021.
• [19] X. Yang, B. Han, Z. Sun, and J. Huang, "SDN-based DDoS Attack Detection with Cross-plane Collaboration and Lightweight Flow Monitoring", GLOBECOM 2017 - 2017 IEEE Global Communications Conference, Singapore, 2017.
• [20] V. Deepa, K.M. Sudar, and P. Deepalakshmi, "Detection of DDoS Attack on SDN Control Plane using Hybrid Machine Learning Techniques", 2018 International Conference on Smart Systems and Inventive Technology (ICSSIT), Tirunelveli, India, 2018.
• [21] J.E. Varghese and B. Muniyal, "An Efficient IDS Framework for DDoS Attacks in SDN Environment", IEEE Access, vol. 9, pp. 69680-69699, 2021.
• [22] N. Ahuja, G. Singal, D. Mukhopadhyay, and N. Kumar, "Automated DDOS Attack Detection in Software Defined Networking", Journal of Network and Computer Applications, vol. 187, art. no. 103108, 2021.
• [23] D. Gadze et al., "An Investigation into the Application of Deep Learning in the Detection and Mitigation of DDOS Attack on SDN Controllers", Technologies, vol. 9, art. no. 14, 2021.
• [24] P.T. Dinh and M. Park, "BDF-SDN: A Big Data Framework for DDoS Attack Detection in Large-scale SDN-based Cloud", 2021 IEEE Conference on Dependable and Secure Computing (DSC), Fukushima, Japan, 2021.
• [25] R. Durner, C. Lorenz, M. Wiedemann, and W. Kellerer, "Detecting and Mitigating Denial of Service Attacks Against the Data Plane in Software Defined Networks", 2017 IEEE Conference on Network Softwarization (NetSoft), Bologna, Italy, 2017.
• [26] N. Ahuja, G. Singal, and D. Mukhopadhyay, "DLSDN: Deep Learning for DDOS Attack Detection in Software Defined Networking", 2021 11th International Conference on Cloud Computing, Data Science and Engineering (Confluence), Noida, India, 2021.
• [27] M.S. Elsayed, N.-A. Le-Khac, and A.D. Jurcut, "InSDN: A Novel SDN Intrusion Dataset", IEEE Access, vol. 8, pp. 165263-165284, 2020.