SVM Implementation for Ddos Attacks in Software Defined Networks

Software Defined Network (SDN) is making software interaction with the network. SDN has made the network flexible and dynamic and has also enabled the abstraction of applications and services. Because the network is independent of devices such as the routers, hubs, and switches found in traditional networks, it is preferred these days. Being more widely used, it has become more vulnerable in terms of security. The more common attacks that corrupt the network and hinder its efficiency are distributed denial-of-service (DDoS) attacks. A DDoS attack generally leads to exhaustion of the network resources, in turn stopping the controller. Detection of DDoS attacks requires a classification technique that provides accurate and efficient decision making. As per the analysis, the Support Vector Machine (SVM) classifier technique detects the attacks more accurately and precisely. This paper produces a better approach to detecting attacks using SVM classifiers in terms of detection rate and elapsed time of the attack, and it also predicts the various types of distributed denial of service attacks that have corrupted the network.

2022, Vol 3 (2), pp. 51-55
Author(s): Misbachul Munir, Ipung Ardiansyah, Joko Dwi Santoso, Ali Mustopa, Sri Mulyatun

DDoS attacks are a form of attack carried out by sending packets continuously to machines and even computer networks. This attack will result in machine or network resources that cannot be accessed or used by users. DDoS attacks usually originate from several machines operated by users or by bots, whereas DoS attacks are carried out by one person or one system. In this study, the term to be used is the term DDoS to represent a DoS or DDoS attack. In the network world, Software Defined Network (SDN) is a promising paradigm. SDN separates the control plane from the forwarding plane to improve network programmability and network management. As part of the network, SDN is not spared from DDoS attacks. In this study, we use the naïve Bayes algorithm as a method to detect DDoS attacks on the Software Defined Network architecture.


2021, Vol 20 (Number 3), pp. 277-304
Author(s): Oluwatobi Shadrach Akanji, Opeyemi Aderiike Abisoye, Mohammed Awwal Iliyasu

Distributed Denial of Service (DDoS) attacks have been one of the persistent forms of attack on information technology infrastructure connected to public networks due to the ease of access to DDoS attack tools. Researchers have been able to develop several techniques to curb volumetric DDoS, which overwhelms the target with a large number of request packets. However, compared to slow DDoS, a limited amount of research has been executed on mitigating slow DDoS. Attackers have resorted to slow DDoS because it mimics the behaviour of a slow legitimate client, thereby causing service unavailability. This paper provides the scholarly community with an approach to boosting service availability in web servers under slow Hypertext Transfer Protocol (HTTP) DDoS attacks through attack detection using Genetic Algorithm and Support Vector Machine, which facilitates attack mitigation in a Software-Defined Networking (SDN) environment simulated in GNS3. The Genetic Algorithm was used to select the Netflow features which indicate the presence of an attack and also to determine the appropriate regularization parameter, C, and gamma parameter for the Support Vector Machine classifier. Results obtained showed that the classifier had detection accuracy, Area Under Receiver Operating Curve (AUC), true positive rate, false positive rate and a false negative rate of 99.89%, 99.89%, 99.95%, 0.18%, and 0.05% respectively. Also, the algorithm for subsequent implementation of the selective adaptive bubble burst mitigation mechanism was presented. This study contributes to the ongoing research in detecting and mitigating slow HTTP DDoS attacks with emphasis on the use of machine learning classification and meta-heuristic algorithms.


2020, pp. 399-410
Author(s): Jawad Dalou', Basheer Al-Duwairi, Mohammad Al-Jarrah

Software Defined Networking (SDN) has emerged as a new networking paradigm that is based on the decoupling between data plane and control plane, providing several benefits that include flexible, manageable, and centrally controlled networks. From a security point of view, SDNs suffer from several vulnerabilities that are associated with the nature of communication between control plane and data plane. In this context, software defined networks are vulnerable to distributed denial of service attacks. In particular, the centralization of the SDN controller makes it an attractive target for these attacks because overloading the controller with huge packet volume would result in bringing the whole network down or degrading its performance. Moreover, DDoS attacks may have the objective of flooding a network segment with huge traffic volume targeting single or multiple end systems. In this paper, we propose an entropy-based mechanism for Distributed Denial of Service (DDoS) attack detection and mitigation in SDN networks. The proposed mechanism is based on the entropy values of source and destination IP addresses of flows observed by the SDN controller, which are compared to preset entropy threshold values that change in an adaptive manner based on network dynamics. The proposed mechanism has been evaluated through extensive simulation experiments.


2018, Vol 10 (2), pp. 58-74
Author(s): Kavita Sharma, B. B. Gupta

This article describes how in the summer of 1999, the Computer Incident Advisory Capability first reported about Distributed Denial of Service (DDoS) attack incidents and the nature of Denial of Service (DoS) attacks in a distributed environment that eliminates the availability of resources or data on a computer network. A DDoS attack exhausts the network resources and disturbs the legitimate user. This article provides an explanation of DDoS attacks and the nature of these attacks against Smartphones and Wi-Fi Technology and presents a taxonomy of various defense mechanisms. Smartphones are chosen for this study, as they have now become a necessity rather than a luxury item for the common people.


2018, Vol 8 (2), pp. 2724-2730
Author(s): M. H. H. Khairi, S. H. S. Ariffin, N. M. Abdul Latiff, A. S. Abdullah, M. K. Hassan

Software defined network (SDN) is a network architecture in which the network traffic may be operated and managed dynamically according to user requirements and demands. The issue of security is one of the big challenges of SDN because different attacks may affect performance and these attacks can be classified into different types. One of the famous attacks is distributed denial of service (DDoS). SDN is a new networking approach that is introduced with the goal of simplifying network management by separating the data and control planes. However, the separation leads to the emergence of new types of distributed denial-of-service (DDoS) attacks on SDN networks. The centralized role of the controller in SDN makes it a perfect target for the attackers. Such attacks can easily bring down the entire network by bringing down the controller. This research explains DDoS attacks and anomaly detection as one of the famous detection techniques for intelligent networks.


2019, Vol 2019, pp. 1-12
Author(s): Myo Myint Oo, Sinchai Kamolphiwong, Thossaporn Kamolphiwong, Sangsuree Vasupongayya

Software Defined Networking (SDN) has many advantages over a traditional network. The great advantage of SDN is that the network control is physically separated from forwarding devices. SDN can solve many security issues of a legacy network. Nevertheless, SDN has many security vulnerabilities. The biggest issue among SDN vulnerabilities is the Distributed Denial of Service (DDoS) attack. The DDoS attack on SDN has become an important problem, and a variety of methods have been applied for detection and mitigation purposes. The objectives of this paper are to propose a detection method for DDoS attacks using an SDN-based technique that will disturb the legitimate user's activities at the minimum, and to propose the Advanced Support Vector Machine (ASVM) technique as an enhancement of the existing Support Vector Machine (SVM) algorithm to detect DDoS attacks. The ASVM technique is a multiclass classification method consisting of three classes. In this paper, we can successfully detect two types of flooding-based DDoS attacks. Our detection technique can reduce the training time as well as the testing time by using two key features, namely, the volumetric and the asymmetric features. We evaluate the results by measuring a false alarm rate, a detection rate, and accuracy. The detection accuracy of our detection technique is approximately 97% with the fastest training time and testing time.


Repositor, 2020, Vol 2 (11), pp. 1491
Author(s): Muhammad Qaidin Syahputra, Denar Regata Akbi, Diah Risqiwati

Software Defined Network (SDN) is a new paradigm in network management that provides facilities for configuring, virtualizing, and managing network infrastructure centrally. Centralized network management is performed on the SDN Controller, which separates the network data plane from the control functions. Distributed Denial of Service (DDoS) attacks are one of the major problems in network security, causing services on the network to become inaccessible for a certain period of time. This study aims to build a detection system using the Decision Tree algorithm and to mitigate DDoS attacks with the drop packet method on a Software Defined Network. The classification model, built on the CICIDS 2017 dataset, is deployed on the controller and then serves as a detector for DDoS attacks of the User Data Protocol (UDP) type. Every packet-in that enters the controller goes through the detection process before being forwarded to the destination source; if a packet-in is detected as a DDoS attack, the controller performs the drop packet mitigation function against the host proven to be attacking. From the experiments conducted, UDP Flood was shown to consume a large amount of network resources and to increase CPU usage, causing the controller to malfunction while the attack was in progress. The results of this study show that the system succeeded in detecting and mitigating UDP Flood attacks with an accuracy of 99.95%, followed by mitigation of every packet proven to be part of the attack. Keywords: SDN, CICIDS 2017, UDP Flood, Decision Tree, Drop Packet.

