Detection and Mitigation of DDoS Attacks on SDN Controller in IoT Network using Gini Impurity-Reference-Cited by-同舟云学术

Detection and Mitigation of DDoS Attacks on SDN Controller in IoT Network using Gini Impurity

Published:2023-05-31 Issue: Volume: Page:
ISSN:
Container-title:
language:
Short-container-title:

Author:

Singh Chandrapal¹,Jain Ankit Kumar¹

Affiliation:

1. NIT Kurukshetra

Abstract

Abstract Nowadays, Distributed denial-of-service (DDoS) attacks are a serious threat to businesses and individuals, and it is getting more prevalent. Moreover, the exponential growth of IoT devices and their interdependency makes the technology more vulnerable to DDoS attacks. Therefore, this paper presents an efficient Gini-Impurity based method for detection and mitigation of DDoS attacks. The proposed approach uses the Gini impurity technique as a metric on the Software Defined Network (SDN) controller in IoT network to measure the homogeneity of the network traffic. Gini impurity based method is efficient, fast, and requires less computing power. The approach also uses a classifier to filter the network traffic. We evaluated the effectiveness of the proposed approach using real-world network traffic datasets. The detection rate of the proposed approach varies between 98% and 100%. We compared the proposed approach with existing methods, and it detects DDoS attacks early with high accuracy and a low false-positive rate.

Publisher

Research Square Platform LLC

Reference44 articles.

1. P. J. Criscuolo, Distributed Denial of Service, Tribe Flood Network 2000, and Stacheldraht CIAC-2319, Department of Energy Computer Incident Advisory Capability (CIAC), UCRL-ID-136939, Rev. 1.,Lawrence Livermore National Laboratory, February 14, 2000.

2. I. Farris, T. Taleb, Y. Khettab, and J. Song, “A survey on emerging SDN and NFV security mechanisms for IoT systems,” IEEE Commun. Surveys Tuts., vol. 21, no. 1, pp. 812–837, 1st Quart., 2019.

3. M. Du and K. Wang, “An SDN-enabled pseudo-honeypot strategy for distributed denial of service attacks in industrial Internet of Things,” IEEE Trans. Ind. Informat., vol. 16, no. 1, pp. 648–657, Jan. 2020.

4. A taxonomy of DdoS attack and DdoS defence mechanisms;Mirkovic J;ACM SIGCOMM Computer Communication Review,2004

5. Afsaneh, MohammadReza Soltanaghaei, and Farsad Zamani Boroujeni. “The DdoS attacks detection through machine learning and statistical methods in SDN;Banitalebi Dehkordi;The Journal of Supercomputing,2021

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Software-Defined-Networking-Based One-versus-Rest Strategy for Detecting and Mitigating Distributed Denial-of-Service Attacks in Smart Home Internet of Things Devices;Sensors;2024-08-03