Browse > Article
http://dx.doi.org/10.17661/jkiiect.2020.13.6.605

A DDoS Attack Detection Technique through CNN Model in Software Define Network  

Ko, Kwang-Man (Department of Computer Engineering, Sang-Ji University)
Publication Information
The Journal of Korea Institute of Information, Electronics, and Communication Technology / v.13, no.6, 2020 , pp. 605-610 More about this Journal
Abstract
Software Defined Networking (SDN) is setting the standard for the management of networks due to its scalability, flexibility and functionality to program the network. The Distributed Denial of Service (DDoS) attack is most widely used to attack the SDN controller to bring down the network. Different methodologies have been utilized to detect DDoS attack previously. In this paper, first the dataset is obtained by Kaggle with 84 features, and then according to the rank, the 20 highest rank features are selected using Permutation Importance Algorithm. Then, the datasets are trained and tested with Convolution Neural Network (CNN) classifier model by utilizing deep learning techniques. Our proposed solution has achieved the best results, which will allow the critical systems which need more security to adopt and take full advantage of the SDN paradigm without compromising their security.
Keywords
CNN; Deep Learning; DDoS Attack; Permutation Importance Algorithm; Software Defined Network;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 "Toward an Optimal Solution Against Denial of Service Attacks in Software Defined Networks-ScienceDirect." [Online]. Available: https://www.sciencedirect.com/science/article/pii/S0167739X18302930 #bb40. [Accessed: 30-Mar-2019].
2 O. Rahman, M. A. G. Quraishi, C.-H. Lung, "Ddos attacks detection and mitigation insdn using machine learning," IEEE World Congress on Services, Vol. 2642, pp.184-189, 2019.
3 Nugraha, M., Paramita, I., Musa, A., Choi, D. and Cho, B., "Utilizing OpenFlow and sFlow to Detect and Mitigate SYN Flooding Attack," Journal of Korea Multimedia Society, 17(8), pp.988-994, 2014.   DOI
4 sFlow Version 5. [Online]. http://sflow.org/sflow version 5.txt, 2017.
5 Dharma N.G., Muthohar M.F., Prayuda J.A. Priagung, K., Choi, D., "Time-based DDoS detection and mitigation for SDN controller. Network Operations and Management Symposium, pp.550-553, 2015.
6 Huseyin Polat, Onur Polat, Aydin Cetin, "Detecting DDoS Attacks in Software-Defined Networks Through Feature Selection Methods and Machine Learning Models," MDPI Sustainability, 2020.
7 Ye, J., Cheng, X. Zhu, J., Feng, L., Song, L., "A DDoS attack detection method based on SVM in software-defined network," Secure Communication Network. pp.1-8, 2018.
8 Braga R., Mota E., Passito A., "Lightweight DDoS flooding attack detection using NOX/OpenFlow. Local Computer Networks (LCN2010), pp.408-415, 2010.
9 Mousavi S.M., St-Hilaire M., "Early detection of DDoS attacks against SDN controllers", In Computing Networking and Communications, pp.77-81, 2015.
10 Soon-Gohn Kim, "A Study on the Detection Technique of DDoS Attacks on the Software-Defined Networks," The Journal of KIIECT, Vol. 13, No.1, pp.81-87, 2020.
11 Wang R., Jia Z., Ju, L., "An Entropy-Based DDoS Detection Mechanism in SDN", Trustcom/BigDataSE/ISPA 2015, Vol. 1, pp. 310-317, 2015.