Abstract
Edge computing extends the traditional cloud computing architecture by using the computing and storage resources on the edge of the network, making people’s work and life more convenient. However, these devices at the edge of the network are widely distributed and the environment is relatively complex. Attackers use these vulnerable IoT devices to build botnets to initiate distributed denial of service attacks, posing a serious threat to the normal use of such networks. In response to this problem, we propose an anomaly detection framework based on software-defined networking (SDN). The edge controller in the SDN network is used to obtain the flow information and extract the features of the flow. The XGBoost algorithm optimized by genetic algorithm (GA-XGBoost) we proposed is used to classify and detect the flow. Experimental results show that compared with other algorithms of the same type, our proposed algorithm has a lower false alarm rate and higher accuracy.
This work was supported by the National Natural Science Foundation of China (61572340), Advance Research Fund (No. 61403120402), Priority Academic Program Development of Jiangsu Higher Education Institutions (PAPD); Collaborative Innovation Center of Novel Software Technology and Industrialization of Universities in Jiangsu Province.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Zheng, J., Li, Q., Gu, G., Cao, J., David, K., Wu, J.: Realtime DDoS defense using COTS SDN switches via adaptive correlation analysis. IEEE Trans. Inf. Forensics Secur. 13(7), 1838–1853 (2018)
Tan, L., Pan, Y., Wu, J., Zhou, J., Jiang, H., Deng, Y.: A new framework for DDoS attack detection and defense in SDN environment. IEEE Access 8, 161908–161919 (2020)
Dong, S., Abbas, K., Jain, R.: A survey on distributed denial of service (DDoS) attacks in SDN and cloud computing environments. IEEE Access 7, 80813–80828 (2019)
Shi, W., Zhang, X., Wang, Y., Zhang, Q.: Edge computing: state-of-the-art and future directions. J. Comput. Res. Dev. 56(1), 69–89 (2019)
Xiao, Y., Jia, Y., Liu, C., Cheng, X., Lv, W.: Edge computing security: state of the art and challenges. Proc. IEEE 107(8), 1608–1631 (2019)
Li, H., Wang, L.: Online orchestration of cooperative defense against DDoS attacks for 5G MEC. In: IEEE Wireless Communications and Networking Conference (WCNC), pp. 1–6 (2018)
Zhang, C., Cui, Y., Tang, H., Wu, J.: State-of-the-art survey on software-defined networking (SDN). J. Softw. 26, 62–81 (2015)
Bhunia, S., Gurusamy, M.: Dynamic attack detection and mitigation in IoT using SDN. In: International Telecommunication Networks and Applications Conference (ITNAC), pp. 1–6 (2017)
Mousavi, S., St-Hilaire, M.: Early detection of DDoS attacks against SDN controllers. In: International Conference on Computing, Networking and Communications (ICNC), pp. 77–81 (2015)
Zhuo, C., Fu, J., Cheng, Y., Xin, G., Liu, W., Peng, J.: Xgboost classifier for DDoS attack detection and analysis in SDN-based cloud. In: IEEE International Conference on Big Data and Smart Computing (BigComp), pp. 251–256 (2018)
Yang, Y., Wang, J., Zhai, B., Liu, J.: IoT-based DDoS attack detection and mitigation using the edge of SDN. In: Vaidya, J., Zhang, X., Li, J. (eds.) CSS 2019. LNCS, vol. 11983, pp. 3–17. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-37352-8_1
Dayal, N., Maity, P., Srivastava, S., Khondoker, R.: Research trends in security and DDoS in SDN. Secur. Commun. Netw. 9, 6386–6411 (2016)
Kalkan, K., Altay, L., Gür, G., Alagöz, F.: Joint entropy-based DDoS defense scheme in SDN. IEEE J. Sel. Areas Commun. 36(10), 2358–2372 (2018)
Doshi, R., Apthorpe, N., Feamster, N.: Machine learning DDoS detection for consumer internet of things devices. In: IEEE Security and Privacy Workshops (SPW), pp. 29–35 (2018)
Dong, S., Sarem, M.: DDoS attack detection method based on improved KNN with the degree of DDoS attack in software-defined networks. IEEE Access 8, 5039–5048 (2020)
Sahoo, K.S., Tripathy, B.K.: An evolutionary SVM model for DDoS attack detection in software defined networks. IEEE Access 8, 132502–132513 (2020)
Yao, L., Dong, P., Zhang, H.: Distributed denial of service attack detection based on object character in software defined network. J. Electron. Inf. Technol. 39(2), 381–388 (2017)
Liu, X., Liu, P., Xu, H., Zhu, X.: Software defined internet of things based DDoS attack detection method. J. Comput. Appl. 40(3), 753–759 (2020)
Chen, T., Guestrin, C.: Xgboost: a scalable tree boosting system. In: ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 785–794 (2016)
Ma, Y., Wen, X.: Research progress of genetic algorithm. Appl. Res. Comput. 29(4), 1201–1206 (2012)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 Springer Nature Switzerland AG
About this paper
Cite this paper
Ren, G., Zhang, Y., Zhang, S., Long, H. (2022). Edge DDoS Attack Detection Method Based on Software Defined Networks. In: Lai, Y., Wang, T., Jiang, M., Xu, G., Liang, W., Castiglione, A. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2021. Lecture Notes in Computer Science(), vol 13155. Springer, Cham. https://doi.org/10.1007/978-3-030-95384-3_37
Download citation
DOI: https://doi.org/10.1007/978-3-030-95384-3_37
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-95383-6
Online ISBN: 978-3-030-95384-3
eBook Packages: Computer ScienceComputer Science (R0)