Staff View: Collaborative detection and mitigation of DDoS in software-defined networks

Collaborative detection and mitigation of DDoS in software-defined networks

This research presents the detection and mitigation of distributed denial of service (DDoS) in software defined networks (SDN). The proposed method consists of three modules: classifier module, mitigation module, and collaborative module. An ensemble classifier called V-NKDE is capable of detecting...

Full description

Saved in:

Bibliographic Details
Main Authors:	Tayfour, O. E., Marsono, M. N.
Format:	Article
Published:	Springer 2021
Subjects:	TK Electrical engineering. Electronics Nuclear engineering
Online Access:	http://eprints.utm.my/id/eprint/95410/ http://dx.doi.org/10.1007/s11227-021-03782-9
Tags:	Add Tag No Tags, Be the first to tag this record!

id	my.utm.95410
record_format	eprints
spelling	my.utm.954102022-05-31T12:37:48Z http://eprints.utm.my/id/eprint/95410/ Collaborative detection and mitigation of DDoS in software-defined networks Tayfour, O. E. Marsono, M. N. TK Electrical engineering. Electronics Nuclear engineering This research presents the detection and mitigation of distributed denial of service (DDoS) in software defined networks (SDN). The proposed method consists of three modules: classifier module, mitigation module, and collaborative module. An ensemble classifier called V-NKDE is capable of detecting DDoS attacks accurately. The mitigation module blocks malicious traffics and purges entries of malicious traffic from the switch flow table. The collaborative module shares DDoS detection and mitigation rules among multiple SDN controllers using Redis Simple Message Queue mechanism. The proposed classifier performance validation on InSDN2020, CICIDS2017, NSL-KDD and UNSW-NB15 datasets. Furthermore we evaluated our proposed classifier in real traffic on an SDN simulation tested. The results show that the proposed method can detect DDoS attacks with high accuracy using an ensemble classifier, which performs better than single classifiers. More importantly, the false positive rate is greatly reduced, showing detection and mitigation of DDoS attacks across multi-controller domains with low controller overhead. Springer 2021 Article PeerReviewed Tayfour, O. E. and Marsono, M. N. (2021) Collaborative detection and mitigation of DDoS in software-defined networks. Journal of Supercomputing, 77 (11). pp. 13166-13190. ISSN 0920-8542 http://dx.doi.org/10.1007/s11227-021-03782-9 DOI: 10.1007/s11227-021-03782-9
institution	Universiti Teknologi Malaysia
building	UTM Library
collection	Institutional Repository
continent	Asia
country	Malaysia
content_provider	Universiti Teknologi Malaysia
content_source	UTM Institutional Repository
url_provider	http://eprints.utm.my/
topic	TK Electrical engineering. Electronics Nuclear engineering
spellingShingle	TK Electrical engineering. Electronics Nuclear engineering Tayfour, O. E. Marsono, M. N. Collaborative detection and mitigation of DDoS in software-defined networks
description	This research presents the detection and mitigation of distributed denial of service (DDoS) in software defined networks (SDN). The proposed method consists of three modules: classifier module, mitigation module, and collaborative module. An ensemble classifier called V-NKDE is capable of detecting DDoS attacks accurately. The mitigation module blocks malicious traffics and purges entries of malicious traffic from the switch flow table. The collaborative module shares DDoS detection and mitigation rules among multiple SDN controllers using Redis Simple Message Queue mechanism. The proposed classifier performance validation on InSDN2020, CICIDS2017, NSL-KDD and UNSW-NB15 datasets. Furthermore we evaluated our proposed classifier in real traffic on an SDN simulation tested. The results show that the proposed method can detect DDoS attacks with high accuracy using an ensemble classifier, which performs better than single classifiers. More importantly, the false positive rate is greatly reduced, showing detection and mitigation of DDoS attacks across multi-controller domains with low controller overhead.
format	Article
author	Tayfour, O. E. Marsono, M. N.
author_facet	Tayfour, O. E. Marsono, M. N.
author_sort	Tayfour, O. E.
title	Collaborative detection and mitigation of DDoS in software-defined networks
title_short	Collaborative detection and mitigation of DDoS in software-defined networks
title_full	Collaborative detection and mitigation of DDoS in software-defined networks
title_fullStr	Collaborative detection and mitigation of DDoS in software-defined networks
title_full_unstemmed	Collaborative detection and mitigation of DDoS in software-defined networks
title_sort	collaborative detection and mitigation of ddos in software-defined networks
publisher	Springer
publishDate	2021
url	http://eprints.utm.my/id/eprint/95410/ http://dx.doi.org/10.1007/s11227-021-03782-9
_version_	1735386800692658176
score	13.211869

Collaborative detection and mitigation of DDoS in software-defined networks

Similar Items