A DDoS Detection Method Based on Feature Engineering and Machine Learning in Software-Defined Networks-Reference-Cited by-同舟云学术

A DDoS Detection Method Based on Feature Engineering and Machine Learning in Software-Defined Networks

Published:2023-07-05 Issue:13 Volume:23 Page:6176
ISSN:1424-8220
Container-title:Sensors
language:en
Short-container-title:Sensors

Author:

Liu Zhenpeng¹²^ORCID,Wang Yihang¹,Feng Fan²,Liu Yifan³,Li Zelin¹,Shan Yawei¹

Affiliation:

1. School of Electronic Information Engineering, Hebei University, Baoding 071002, China

2. Information Technology Center, Hebei University, Baoding 071002, China

3. School of Cyberspace Security and Computer, Hebei University, Baoding 071002, China

Abstract

Distributed denial-of-service (DDoS) attacks pose a significant cybersecurity threat to software-defined networks (SDNs). This paper proposes a feature-engineering- and machine-learning-based approach to detect DDoS attacks in SDNs. First, the CSE-CIC-IDS2018 dataset was cleaned and normalized, and the optimal feature subset was found using an improved binary grey wolf optimization algorithm. Next, the optimal feature subset was trained and tested in Random Forest (RF), Support Vector Machine (SVM), K-Nearest Neighbor (k-NN), Decision Tree, and XGBoost machine learning algorithms, from which the best classifier was selected for DDoS attack detection and deployed in the SDN controller. The results show that RF performs best when compared across several performance metrics (e.g., accuracy, precision, recall, F1 and AUC values). We also explore the comparison between different models and algorithms. The results show that our proposed method performed the best and can effectively detect and identify DDoS attacks in SDNs, providing a new idea and solution for the security of SDNs.

Funder

National Natural Science Foundation of Hebei Province, China

Publisher

MDPI AG

Subject

Electrical and Electronic Engineering,Biochemistry,Instrumentation,Atomic and Molecular Physics, and Optics,Analytical Chemistry

Link

https://www.mdpi.com/1424-8220/23/13/6176/pdf

Reference50 articles.

1. An Efficient IDS Framework for DDoS Attacks in SDN Environment;Varghese;IEEE Access,2021

2. Wu, Q., Shi, S., Wan, Z., Fan, Q., Fan, P., and Zhang, C. (2023). Towards V2I Age-aware Fairness Access: A DQN Based Intelligent Vehicular Node Training and Test Method. Chin. J. Electr., in press.

3. Ashraf, J., Moustafa, N., Bukhshi, A.D., and Javed, A. (2021, January 25–29). Intrusion Detection System for SDN-enabled IoT Networks using Machine Learning Techniques. Proceedings of the 2021 IEEE 25th International Enterprise Distributed Object Computing Workshop (EDOCW), Gold Coast, Australia.

4. A Survey: Typical Security Issues of Software-Defined Networking;Liu;China Commun.,2019

5. Alzahrani, A.O., and Alenazi, M.J.F. (2021). Designing a Network Intrusion Detection System Based on Machine Learning for Software Defined Networks. Future Internet, 13.

Cited by 17 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Advancing cybersecurity: a comprehensive review of AI-driven detection techniques;Journal of Big Data;2024-08-04

2. Software-Defined-Networking-Based One-versus-Rest Strategy for Detecting and Mitigating Distributed Denial-of-Service Attacks in Smart Home Internet of Things Devices;Sensors;2024-08-03

3. MP-GUARD: A novel multi-pronged intrusion detection and mitigation framework for scalable SD-IoT networks using cooperative monitoring, ensemble learning, and new P4-extracted feature set;Computers and Electrical Engineering;2024-08

4. Traffic Feature Selection and Distributed Denial of Service Attack Detection in Software-Defined Networks Based on Machine Learning;Sensors;2024-07-04

5. MULTI-BLOCK: A novel ML-based intrusion detection framework for SDN-enabled IoT networks using new pyramidal structure;Internet of Things;2024-07