
An Intelligent ML-Based IDS Framework for DDoS Detection in the SDN Environment

  • Conference paper
Advances in Mobile Computing and Multimedia Intelligence (MoMM 2022)

Abstract

Software Defined Networking (SDN) is a new approach that has the potential to revolutionize the way we run network infrastructure. To provide a network with attack countermeasures, an Intrusion Detection System (IDS) must be integrated into the SDN architecture. In this paper, we focus on IDSs based on Machine Learning (ML) methods. The most problematic step in IDS evaluation is determining the appropriate dataset. Therefore, we propose a method that allows us to select the most appropriate dataset. Choosing one ML intrusion detection method over another for a given SDN architecture is a further issue addressed in this paper. We propose to integrate the severity of attacks into the standard metrics to differentiate between the quality of the results of ML methods. The severity of attacks is computed using an adequate weighting of the undetected intrusions (FN and FP) obtained in the testing phase.

Author information

Corresponding author

Correspondence to Ameni Chetouane.

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Chetouane, A., Karoui, K., Nemri, G. (2022). An Intelligent ML-Based IDS Framework for DDoS Detection in the SDN Environment. In: Delir Haghighi, P., Khalil, I., Kotsis, G. (eds) Advances in Mobile Computing and Multimedia Intelligence. MoMM 2022. Lecture Notes in Computer Science, vol 13634. Springer, Cham. https://doi.org/10.1007/978-3-031-20436-4_2

  • DOI: https://doi.org/10.1007/978-3-031-20436-4_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-20435-7

  • Online ISBN: 978-3-031-20436-4

  • eBook Packages: Computer Science, Computer Science (R0)
