Skip to main content
Log in

Secure SDN–IoT Framework for DDoS Attack Detection Using Deep Learning and Counter Based Approach

  • Research
  • Published:
Journal of Network and Systems Management Aims and scope Submit manuscript

Abstract

The IoT network is unique due to heterogeneous IoT nodes and resource-constrained devices; the approach for securing IoT networks needs to be different from the security measures implemented for traditional network communication. In IoT networks, various security vulnerabilities are exploited by an attacker to generate a variety of DDoS attacks. In this paper, the authors propose a unique approach for securing IoT networks using an SDN-enabled framework that incorporates a dynamic counter-based approach and deep learning models. The aim is to detect and mitigate various security vulnerabilities that attackers exploit to generate DDoS attacks in IoT networks. Specifically, the proposed framework is tested using the CICDDoS2019 dataset to identify reflection attacks and exploitation attacks in TCP, UDP, and ICMP. The framework is also analyzed by varying network parameters such as the number of IoT attack nodes and payload to measure the performance of the SDN controller workload, CPU utilization, and attack detection time. The experimental results demonstrate that the proposed framework can efficiently detect and mitigate DDoS attacks while utilizing CPU resources effectively and in a shorter time compared to existing approaches.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20
Fig. 21

Similar content being viewed by others

Data Availability

CIC-DDoS2019 dataset is utilised from https://www.unb.ca/cic/datasets/ddos-2019.html.

References

  1. Taylor, R., Schmidt, D.B.: The world in 2025—predictions for the next ten years. In: Paper Presented at the 10th International Microsystems, Packaging, Assembly and Circuits Technology Conference (IMPACT). https://doi.org/10.1109/IMPACT.2015.7365193 (2015).

  2. Abbasinezhad-Mood, D., Nikooghadam, M.: An anonymous ECC-based self-certified key distribution scheme for the smart grid. IEEE Trans. Ind. Electron. 65(10), 7996–8004 (2018). https://doi.org/10.1109/TIE.2018.2807383

    Article  Google Scholar 

  3. Abbasinezhad-Mood, D., Ostad-Sharif, A., Nikooghadam, M.: Novel anonymous key establishment protocol for isolated smart meters. IEEE Trans. Ind. Electron. 67(4), 2844–2851 (2019). https://doi.org/10.1109/TIE.2019.2912789

    Article  Google Scholar 

  4. Abbasinezhad-Mood, D., Nikooghadam, M.: Efficient design of a novel ECC-based public key scheme for medical data protection by utilization of NanoPi fire. IEEE Trans. Reliab. 67(3), 1328–1339 (2018). https://doi.org/10.1109/TR.2018.2850966

    Article  Google Scholar 

  5. Ge, Y., Zhang, X., Han, B.: Complex IoT control system modeling from perspectives of environment perception and information security. Mobile Netw. Appl. 22(4), 683–691 (2017). https://doi.org/10.1007/s11036-017-0846-5

    Article  Google Scholar 

  6. Yin, D., Zhang, L., Yang, K.: A DDOS attack detection and mitigation with software-defined internet of things framework. IEEE Access 6, 24694–24705 (2018). https://doi.org/10.1109/ACCESS.2018.2831284

    Article  Google Scholar 

  7. Yang, Y., Wu, L., Yin, G., Li, L., Zhao, H.: A survey on security and privacy issues in internet-of-things. IEEE Internet Things J. 4(5), 1250–1258 (2017). https://doi.org/10.1109/JIoT.2017.2694844

  8. Zhang, J., Chen, H., Gong, L., Cao, J., Gu, Z.: The current research of IoT security. In: 2019 IEEE Fourth International Conference on Data Science in Cyberspace (DSC), pp. 346–353. IEEE, New York. https://doi.org/10.1109/DSC.2019.00059 (2019).

  9. Miettinen, M., Marchal, S., Hafeez, I., Asokan, N., Sadeghi, A.-R., Tarkoma, S.: IoT sentinel: automated device-type identification for security enforcement in IoT. In: 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pp. 2177–2184. IEEE, New York. https://doi.org/10.1109/ICDCS.2017.283 (2017).

  10. Galluccio, L., Milardo, S., Morabito, G., Palazzo, S.: SDN-wise: design, prototyping and experimentation of a stateful SDN solution for wireless sensor networks. In: 2015 IEEE Conference on Computer Communications (INFOCOM), pp. 513–521. IEEE, New York. https://doi.org/10.1109/INFOCOM.2015.7218418 (2015).

  11. Kalkan, K., Zeadally, S.: Securing internet of things with software defined networking. IEEE Commun. Mag. 56(9), 186–192 (2017). https://doi.org/10.1109/MCOM.2017.1700714

    Article  Google Scholar 

  12. Chen, Y.-W., Sheu, J.-P., Kuo, Y.-C., Van Cuong, N.: Design and implementation of IoT DDOS attacks detection system based on machine learning. In: 2020 European Conference on Networks and Communications (EuCNC), pp. 122–127. IEEE, New York. https://doi.org/10.1109/EuCNC48522.2020.9200909 (2020).

  13. AbdelAzim, N.M., Fahmy, S.F., Sobh, M.A., Eldin, A.M.B.: A hybrid entropy-based DoS attacks detection system for software defined networks (SDN): a proposed trust mechanism. Egypt. Inform. J. 22(1), 85–90 (2021). https://doi.org/10.1016/j.eij.2020.04.005

    Article  Google Scholar 

  14. Kumar, N., Mittal, N., Thakur, P., Srivastava, R.: Analysis of different detection and mitigation algorithm of DDoS attack in software-defined internet of things framework: A review. Recent Trends Adv. Artif. Intell. Internet Things (2020). https://doi.org/10.1007/978-3-030-32644-9_39

    Article  Google Scholar 

  15. Zarca, A.M., Bernabe, J.B., Skarmeta, A., Calero, J.M.A.: Virtual IoT honeynets to mitigate cyberattacks in SDN/NFV-enabled IoT networks. IEEE J. Sel. Areas Commun. 38(6), 1262–1277 (2020). https://doi.org/10.1109/JSAC.2020.2986621

    Article  Google Scholar 

  16. Giotis, K., Argyropoulos, C., Androulidakis, G., Kalogeras, D., Maglaris, V.: Combining openflow and sflow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Comput. Netw. 62, 122–136 (2014). https://doi.org/10.1016/j.bjp.2013.10.014

    Article  Google Scholar 

  17. Wani, A., Revathi, S.: DDoS detection and alleviation in IoT using SDN (SDIoT-DDoS-DA). J. Inst. Eng. India Ser. B 101(2), 117–128 (2020). https://doi.org/10.1007/s40031-020-00442-z

    Article  Google Scholar 

  18. Bhayo, J., Hameed, S., Shah, S.A.: An efficient counter-based DDoS attack detection framework leveraging software defined IoT (SD-IoT). IEEE Access 8, 221612–221631 (2020). https://doi.org/10.1109/ACCESS.2020.3043082

    Article  Google Scholar 

  19. Galeano-Brajones, J., Carmona-Murillo, J., Valenzuela-Valdés, J.F., Luna-Valero, F.: Detection and mitigation of DoS and DDoS attacks in IoT-based stateful SDN: an experimental approach. Sensors 20(3), 816 (2020). https://doi.org/10.3390/s20030816

    Article  Google Scholar 

  20. Yang, Y., Wang, J., Zhai, B., Liu, J.: IoT-based DDoS attack detection and mitigation using the edge of SDN. In: International Symposium on Cyberspace Safety and Security, pp. 3–17. Springer, New York. https://doi.org/10.1007/978-3-030-37352-8_1 (2019).

  21. Yin, D., Zhang, L., Yang, K.: A DDoS attack detection and mitigation with software-defined internet of things framework. IEEE Access 6, 24694–24705 (2018). https://doi.org/10.1109/ACCESS.2018.2831284

    Article  Google Scholar 

  22. Silveira, F.A.F., Lima-Filho, F., Silva, F.S.D., Junior, A.d.M.B., Silveira, L.F.: Smart detection-IoT: a DDoS sensor system for internet of things. In: 2020 International Conference on Systems, Signals and Image Processing (IWSSIP), pp. 343–348. IEEE, New York. https://doi.org/10.1109/IWSSIP48289.2020.9145265 (2020).

  23. Bull, P., Austin, R., Popov, E., Sharma, M., Watson, R.: Flow based security for IoT devices using an SDN gateway. In: 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud), pp. 157–163. IEEE, New York. https://doi.org/10.1109/FiCloud.2016.30 (2016).

  24. Ninikrishna, T., Sarkar, S., Tengshe, R., Jha, M.K., Sharma, L., Daliya, V., Routray, S.K.: Software defined IoT: issues and challenges. In: 2017 International Conference on Computing Methodologies and Communication (ICCMC), pp. 723–726. IEEE, New York. https://doi.org/10.1109/ICCMC.2017.8282560 (2017).

  25. Yungaicela-Naula, N.M., Vargas-Rosales, C., Perez-Diaz, J.A.: SDN-based architecture for transport and application layer DDoS attack detection by using machine and deep learning. IEEE Access 9, 108495–108512 (2021). https://doi.org/10.1109/ACCESS.2021.3101650

    Article  Google Scholar 

  26. Sarica, A.K., Angin, P.: A novel SDN dataset for intrusion detection in IoT networks. In: 2020 16th International Conference on Network and Service Management (CNSM), pp. 1–5. IEEE, New York. https://doi.org/10.23919/CNSM50824.2020.9269042 (2020).

  27. Idhammad, M., Afdel, K., Belouch, M.: Semi-supervised machine learning approach for DDoS detection. Appl. Intell. 48(10), 3193–3208 (2018). https://doi.org/10.1007/s10489-018-1141-2

    Article  Google Scholar 

  28. Priyadarshini, R., Barik, R.K.: A deep learning based intelligent framework to mitigate DDoS attack in fog environment. J. King Saud Univ.-Comput. Inf. Sci. (2019). https://doi.org/10.1016/j.jksuci.2019.04.010

    Article  Google Scholar 

  29. Novaes, M.P., Carvalho, L.F., Lloret, J., Proença, M.L.: Long short-term memory and fuzzy logic for anomaly detection and mitigation in software-defined network environment. IEEE Access 8, 83765–83781 (2020). https://doi.org/10.1109/ACCESS.2020.2992044

    Article  Google Scholar 

  30. Tuan, N.N., Hung, P.H., Nghia, N.D., Tho, N.V., Phan, T.V., Thanh, N.H.: A DDoS attack mitigation scheme in ISP networks using machine learning based on SDN. Electronics 9(3), 413 (2020). https://doi.org/10.3390/electronics9030413

    Article  Google Scholar 

  31. Gumaste, S., Shinde, S., et al.: Detection of DDoS attacks in openstack-based private cloud using apache spark. J. Telecommun. Inf. Technol. (2020). https://doi.org/10.26636/jtit.2020.146120

    Article  Google Scholar 

  32. Tan, L., Pan, Y., Wu, J., Zhou, J., Jiang, H., Deng, Y.: A new framework for DDoS attack detection and defense in SDN environment. IEEE Access 8, 161908–161919 (2020). https://doi.org/10.1109/ACCESS.2020.3021435

    Article  Google Scholar 

  33. Cherian, M.M., Varma, S.L.: Mitigation of DDoS and MITM attacks using belief based secure correlation approach in SDN-based IoT networks. Int. J. Comput. Netw. Inf. Secur. (2022). https://doi.org/10.1007/978-3-030-37352-8_1

    Article  Google Scholar 

  34. Bouzidi, E.H., Outtagarts, A., Langar, R., Boutaba, R.: Dynamic clustering of software defined network switches and controller placement using deep reinforcement learning. Comput. Netw. 207, 108852 (2022). https://doi.org/10.1016/j.comnet.2022.108852

    Article  Google Scholar 

  35. Cil, A.E., Yildiz, K., Buldu, A.: Detection of DDoS attacks with feed forward based deep neural network model. Expert Syst. Appl. 169, 114520 (2021). https://doi.org/10.1016/j.eswa.2020.114520

    Article  Google Scholar 

  36. Kandoi, R., Antikainen, M.: Denial-of-service attacks in openflow SDN networks. In: 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM), pp. 1322–1326. IEEE, New York (2015).

  37. Sharafaldin, I., Lashkari, A.H., Hakak, S., Ghorbani, A.A.: Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy. In: 2019 International Carnahan Conference on Security Technology (ICCST), pp. 1–8. IEEE, New York (2019).

  38. Kachavimath, A.V., Narayan, D.: A deep learning-based framework for distributed denial-of-service attacks detection in cloud environment. In: Advances in Computing and Network Communications: Proceedings of CoCoNet 2020, vol 1, pp. 605–618. Springer, New York. https://doi.org/10.1007/978-981-33-6977-1_44 (2021)

  39. Ahanger, T.A., Aljumah, A., Atiquzzaman, M.: State-of-the-art survey of artificial intelligent techniques for IoT security. Comput. Netw. (2022). https://doi.org/10.1016/j.comnet.2022.108771

    Article  Google Scholar 

  40. Wang, S., Gomez, K., Sithamparanathan, K., Asghar, M.R., Russello, G., Zanna, P.: Mitigating DDoS attacks in SDN-based IoT networks leveraging secure control and data plane algorithm. Appl. Sci. 11(3), 929 (2021). https://doi.org/10.3390/app11030929

    Article  Google Scholar 

  41. Shurman, M.M., Khrais, R.M., Yateem, A.A., et al.: DoS and DDoS attack detection using deep learning and IDS. Int. Arab J. Inf. Technol. 17(4A), 655–661 (2020). https://doi.org/10.34028/iajit/17/4A/10

    Article  Google Scholar 

  42. Kumar, K., Behal, S., et al.: Distributed denial of service attack detection using deep learning approaches. In: 2021 8th International Conference on Computing for Sustainable Global Development (INDIACom), pp. 491–495. IEEE, New York (2021).

  43. Sha, M., Boukerche, A.: Performance evaluation of CNN-based pedestrian detectors for autonomous vehicles. Ad Hoc Netw. 128, 102784 (2022). https://doi.org/10.1016/j.adhoc.2022.102784

    Article  Google Scholar 

  44. Kousar, H., Mulla, M.M., Shettar, P., Narayan, D.: Detection of DDoS attacks in software defined network using decision tree. In: 2021 10th IEEE International Conference on Communication Systems and Network Technologies (CSNT), pp. 783–788. IEEE, New York. https://doi.org/10.1109/CSNT51715.2021.9509634 (2021).

  45. Le, T., Shetty, S.: Artificial intelligence-aided privacy preserving trustworthy computation and communication in 5G-based IoT networks. Ad Hoc Netw. 126, 102752 (2022). https://doi.org/10.1016/j.adhoc.2021.102752

    Article  Google Scholar 

  46. Ali, J., Lee, S., Roh, B.-H.: Performance analysis of Pox and Ryu with different SDN topologies. In: Proceedings of the 2018 International Conference on Information Science and System, pp. 244–249. https://doi.org/10.1145/3209914.3209931 (2018).

  47. Prasad, A., Chandra, S.: VMFCVD: an optimized framework to combat volumetric DDoS attacks using machine learning. Arab. J. Sci. Eng. (2022). https://doi.org/10.1007/s13369-021-06484-9

    Article  Google Scholar 

  48. Kushwah, G.S., Ranga, V.: Optimized extreme learning machine for detecting DDoS attacks in cloud computing. Comput. Secur. 105, 102260 (2021). https://doi.org/10.1016/j.cose.2021.102260

    Article  Google Scholar 

  49. Elsayed, M.S., Le-Khac, N.-A., Dev, S., Jurcut, A.D.: Ddosnet: a deep-learning model for detecting network attacks. In: 2020 IEEE 21st International Symposium On“ A World of Wireless, Mobile and Multimedia Networks”(WoWMoM), pp. 391–396. IEEE, New York. https://doi.org/10.1109/WoWMoM49955.2020.00072 (2020)

  50. Bolodurina, I., Shukhman, A., Parfenov, D., Zhigalov, A., Zabrodina, L.: Investigation of the problem of classifying unbalanced datasets in identifying distributed denial of service attacks. J. Phys. Conf. Ser. (IOP Publishing) 1679, 042020 (2020). https://doi.org/10.1088/1742-6596/1679/4/042020

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Contributions

M.C. and S.L.V. have equally contributed.

Corresponding author

Correspondence to Mimi Cherian.

Ethics declarations

Conflict of interest

The authors declare no conflict of interest.

Ethical Approval

Not applicable.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Cherian, M., Varma, S.L. Secure SDN–IoT Framework for DDoS Attack Detection Using Deep Learning and Counter Based Approach. J Netw Syst Manage 31, 54 (2023). https://doi.org/10.1007/s10922-023-09749-w

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10922-023-09749-w

Keywords

Navigation