Abstract
Software Defined Networking (SDN) is a new approach that has the potential to revolutionize the way we run network infrastructure. In order to provide a network with attack countermeasures, an Intrusion Detection System (IDS) must be integrated into the SDN architecture. In this paper, we focus on IDS based on Machine Learning (ML) methods. The most problematic step in IDS evaluation is determining the appropriate dataset. Therefore, we propose a method that allows us to select the most appropriate dataset. In addition, the selection of an ML intrusion detection method related to an SDN architecture rather than another is another issue of this paper. We propose to integrate the severity of attacks into the standard metrics to differentiate between the quality of the results of ML methods. The severity of attacks will be computed using an adequate weighting of undetected intrusions (FN and FP) obtained in the testing phase.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Kreutz, D., Ramos, F.M.V., Verissimo, P.E., Rothenberg, C.E., Azodolmolky, S., Uhlig, S.: Software-defined networking: a comprehensive survey. Proc. IEEE 103(1), 14–76 (2014)
Kreutz, D., Ramos, F.M.V., Verissimo, P.: Towards secure and dependable software-defined networks. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp. 55–60 (2013)
Sachdeva, M., Singh, G., Kumar, K., Singh, K.: Measuring impact of DDOS attacks on web services (2010)
Alzahrani, A.O., Alenazi, M.J.F.: Designing a network intrusion detection system based on machine learning for software defined networks. Future Internet 13(5), 111 (2021)
Ahmad, A., Harjula, E., Ylianttila, M., Ahmad, I.: Evaluation of machine learning techniques for security in SDN. In: 2020 IEEE Globecom Workshops (GC Wkshps), pp. 1–6. IEEE (2020)
Dong, S., Sarem, M.: DDoS attack detection method based on improved KNN with the degree of DDoS attack in software-defined networks. IEEE Access 8, 5039–5048 (2019)
Sudar, K.M., Beulah, M., Deepalakshmi, P., Nagaraj, P., Chinnasamy, P.: Detection of distributed denial of service attacks in SDN using machine learning techniques. In: 2021 International Conference on Computer Communication and Informatics (ICCCI), pp. 1–5. IEEE (2021)
Lubna Fayez Eliyan and Roberto Di Pietro: DoS and DDoS attacks in software defined networks: a survey of existing solutions and research challenges. Futur. Gener. Comput. Syst. 122, 149–171 (2021)
Chetouane, A., Karoui, K.: A survey of machine learning methods for DDoS threats detection against SDN. In: Jemili, I., Mosbah, M. (eds.) DiCES-N 2022. CCIS, vol. 1564, pp. 99–127. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-99004-6_6
Gupta, s., Grover, D.: A comprehensive review on detection of DDoS attacks using ml in SDN environment. In: 2021 International Conference on Artificial Intelligence and Smart Systems (ICAIS), pp. 1158–1163. IEEE (2021)
Aljuhani, A.: Machine learning approaches for combating distributed denial of service attacks in modern networking environments. IEEE Access 9, 42236–42264 (2021)
Sultana, N., Chilamkurti, N., Peng, W., Alhadad, R.: Survey on SDN based network intrusion detection system using machine learning approaches. Peer-to-Peer Network. Appl. 12(2), 493–501 (2019)
Nadeem, M.W., Goh, H.G., Ponnusamy, V., Aun, Y.: DDoS detection in SDN using machine learning techniques
Santos, R., Souza, D., Santo, W., Ribeiro, A., Moreno, E.: Machine learning algorithms to detect DDoS attacks in SDN. Concurr. Comput. Pract. Exper. 32(16), e5402 (2020)
Aslam, M., et al.: Adaptive machine learning based distributed denial-of-services attacks detection and mitigation system for SDN-enabled iot. Sensors 22(7), 2697 (2022)
Zimba, A.: Malware-free intrusion: a novel approach to ransomware infection vectors. Int. J. Comput. Sci. Inf. Secur. 15(2), 317 (2017)
Pietraszek, T.: Using adaptive alert classification to reduce false positives in intrusion detection. In: Jonsson, E., Valdes, A., Almgren, M. (eds.) RAID 2004. LNCS, vol. 3224, pp. 102–124. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30143-1_6
Latah, M., Toker, L.: Minimizing false positive rate for dos attack detection: a hybrid SDN-based approach. ICT Express 6(2), 125–127 (2020)
Sen, S., Gupta, K.D., Manjurul Ahsan, M.: Leveraging machine learning approach to setup software-defined network (SDN) controller rules during DDoS attack. In: Uddin, M.S., Bansal, J.C. (eds.) Proceedings of International Joint Conference on Computational Intelligence. AIS, pp. 49–60. Springer, Singapore (2020). https://doi.org/10.1007/978-981-13-7564-4_5
Mukhopadhyay, N.A.D., Singal, G.: DDoS attack SDN dataset (2020)
Shivam, K.S.G., Karan, S.: SDN-DDoS-TCP-SYN dataset (2021)
Sakthivel, E., Anitha, R., Arunachalam, S., Hindumathy, M.: Detracting TCP-Syn flooding attacks in software defined networking environment. In: Hemanth, D.J., Kumar, V.D.A., Malathi, S., Castillo, O., Patrut, B. (eds.) COMET 2019. LNDECT, vol. 35, pp. 888–898. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-32150-5_89
Wei, H.-C., Tung, Y.-H., Yu, C.-M.: Counteracting UDP flooding attacks in SDN. In: 2016 IEEE NetSoft Conference and Workshops (NetSoft), pp. 367–371. IEEE (2016)
Karoui, K.: Risk analysis linked to network attacks. In: Cyber-Vigilance and Digital Trust: Cyber Security in the Era of Cloud Computing and IoT, pp. 105–140 (2019)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Chetouane, A., Karoui, K., Nemri, G. (2022). An Intelligent ML-Based IDS Framework for DDoS Detection in the SDN Environment. In: Delir Haghighi, P., Khalil, I., Kotsis, G. (eds) Advances in Mobile Computing and Multimedia Intelligence. MoMM 2022. Lecture Notes in Computer Science, vol 13634. Springer, Cham. https://doi.org/10.1007/978-3-031-20436-4_2
Download citation
DOI: https://doi.org/10.1007/978-3-031-20436-4_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-20435-7
Online ISBN: 978-3-031-20436-4
eBook Packages: Computer ScienceComputer Science (R0)