DDoS detection method based on Gini impurity and random forest in SDN environment | IEEE Conference Publication | IEEE Xplore

DDoS detection method based on Gini impurity and random forest in SDN environment


Abstract:

The software-defined network architecture separates the control layer from the data layer in the network and improves the degree of network resource pooling. However, thi...Show More

Abstract:

The software-defined network architecture separates the control layer from the data layer in the network and improves the degree of network resource pooling. However, this centralized management and control also brings security risks to the SDN architecture. Distributed denial of service (DDoS) attacks are one of the most dangerous attacks faced by the SDN architecture. Aiming at the detection of DDoS attacks under the SDN architecture, this paper proposes a DDoS attack detection method combining the trigger module based on Gini impurity and the detection module based on random forest. First, the Gini impurity of the source IP and destination IP of the data packets are analyzed. Identify anomalies and trigger detection, and then use the random forest algorithm to further classify the flow. The experimental data shows that the trigger module of this method has good detection effect, and the detection rate, accuracy and false alarm rate of the detection module for DDoS attacks are better than the support vector machine algorithm and decision tree algorithm.
Date of Conference: 18-20 June 2021
Date Added to IEEE Xplore: 27 September 2021
ISBN Information:
Conference Location: Chengdu, China

Funding Agency:


References

References is not available for this document.