Author:
Wang Kun, Fu Yu, Duan Xueyuan, Liu Taotao
Abstract
Because traditional DDoS attack detection and mitigation methods in SDN environments suffer from large computational overhead, underutilization of features, and high bandwidth consumption, this paper proposes a two-stage detection and mitigation method for DDoS attacks in SDN based on multi-dimensional characteristics. First, the traffic statistics from the SDN switch ports are analyzed to perform a coarse-grained detection of DDoS attacks within the network. Subsequently, a Multi-Dimensional Deep Convolutional Classifier (MDDCC) is constructed using wavelet decomposition and convolutional neural networks to extract multi-dimensional characteristics from the traffic data passing through suspicious switches. Based on these extracted multi-dimensional characteristics, a simple classifier can be employed to accurately detect attack samples. Finally, by integrating graph theory with restrictive strategies, the source of attacks in SDN networks can be effectively traced and isolated. The experimental results indicate that the proposed method, which utilizes a minimal amount of statistical information, can quickly and accurately detect attacks within the SDN network. It demonstrates superior accuracy and generalization capabilities compared to traditional detection methods when tested on both simulated and public datasets. Furthermore, by isolating the affected nodes, the method effectively mitigates the impact of the attacks, ensuring the normal transmission of legitimate traffic during network attacks. This approach not only enhances the detection capabilities but also provides a robust mechanism for containing the spread of cyber threats, thereby safeguarding the integrity and performance of the network.
Funder
National Key Research and Development Program of China
Henan Province Key Science and Technology Research Projects of China
Publisher
Springer Science and Business Media LLC