Loading [MathJax]/extensions/TeX/ietmacros.js
Federated Learning Based DDoS Attacks Detection in Large Scale Software-Defined Network | IEEE Journals & Magazine | IEEE Xplore

Federated Learning Based DDoS Attacks Detection in Large Scale Software-Defined Network


Abstract:

Software-Defined Networking (SDN) is an innovative concept that segments the network into three planes: a control plane comprising of one or multiple controllers; a data ...Show More

Abstract:

Software-Defined Networking (SDN) is an innovative concept that segments the network into three planes: a control plane comprising of one or multiple controllers; a data plane responsible for data transmission; and an application plane which enables the reconfiguration of network functionalities. Nevertheless, this approach has exposed the controller as a prime target for malicious elements to attack it, such as Distributed Denial of Service (DDoS) attacks. Current DDoS defense schemes often increased the controller load and resource consumption. These schemes are typically tailored for single-controller architectures, a significant limitation when considering the scalability requirements of large-scale SDN. To address these limitations, we introduce an efficient Federated Learning approach, named “FedLAD,” designed to counter DDoS attacks in SDN-based large-scale networks, particularly in multi-controller architectures. Federated learning is a decentralized approach to machine learning where models are trained across multiple devices as controllers store local data samples, without exchanging them. The evaluation of the proposed scheme's performance, using InSDN, CICDDoS2019, and CICDoS2017 datasets, shows an accuracy exceeding 98%, a significant improvement compared to related works. Furthermore, the evaluation of the FedLAD protocol with real-time traffic in an SDN context demonstrates its ability to detect DDoS attacks with high accuracy and minimal resource consumption. To the best of our knowledge, this work introduces a new technique in applying FL for DDoS attack detection in large-scale SDN.
Published in: IEEE Transactions on Computers ( Volume: 74, Issue: 1, January 2025)
Page(s): 101 - 115
Date of Publication: 04 October 2024

ISSN Information:

Funding Agency:


References

References is not available for this document.