Secured DDoS Attack Detection in SDN Using TS-RBDM With MDPP-Streebog Based User Authentication
Corresponding Author
Monika Dandotiya
Computer Science & Engineering, Madhav Institute of Technology & Science, Gwalior, Madhya Pradesh, India
Correspondence:
Monika Dandotiya ([email protected])
Rajni Ranjan Singh Makwana ([email protected])
Search for more papers by this authorCorresponding Author
Rajni Ranjan Singh Makwana
Centre for Artificial Intelligence, Madhav Institute of Technology & Science, Gwalior, Madhya Pradesh, India
Correspondence:
Monika Dandotiya ([email protected])
Rajni Ranjan Singh Makwana ([email protected])
Search for more papers by this authorCorresponding Author
Monika Dandotiya
Computer Science & Engineering, Madhav Institute of Technology & Science, Gwalior, Madhya Pradesh, India
Correspondence:
Monika Dandotiya ([email protected])
Rajni Ranjan Singh Makwana ([email protected])
Search for more papers by this authorCorresponding Author
Rajni Ranjan Singh Makwana
Centre for Artificial Intelligence, Madhav Institute of Technology & Science, Gwalior, Madhya Pradesh, India
Correspondence:
Monika Dandotiya ([email protected])
Rajni Ranjan Singh Makwana ([email protected])
Search for more papers by this authorFunding: The authors received no specific funding for this work.
ABSTRACT
In a Distributed Denial of Service (DDoS) attack, the attacker aims to render a network resource unavailable to its intended users. A novel Software Defined Networking (SDN)-centered secured DDoS attack detection system is presented in this paper by utilizing TanhSoftmax-Restricted Boltzmann Dense Machines (TS-RBDM) with a Mean Difference of Public key and Private key based Streebog (MDPP-Streebog) user authentication algorithm. Primarily, in the registration phase, the users have registered their device details. The two-stage login process is performed after successful registration. Then, in the network layer, the nodes are initialized, and via the Gate/Router, the sensed data is transmitted to the SDN controller to enhance network energy efficiency. Later, by using the CIC DDoS 2019 dataset, the DDoS detection system is trained. This dataset undergoes preprocessing, and features are extracted from it. By employing the Adaptive Synthetic (ADASYN) technique, data balancing is achieved. Lastly, by using the TS-RBDM technique, the data is trained. The sensed data is categorized as either attacked or non-attacked data within this trained DDoS detection system. By employing the Entropy Binomial probability-based Shanon-Fano-Elias (EB-SFE) technique, the non-attacked data will be encoded and transmitted to the receiving terminal. Lastly, the experiential assessment illustrated that the proposed DDoS detection system attained 98% accuracy with 37 485 ms minimal training time, thus outperforming all state-of-the-art methods.
Conflicts of Interest
The authors declare no conflicts of interest.
Open Research
Data Availability Statement
Research data are not shared.
References
- 1R. Abu Bakar, L. De Marinis, F. Cugini, and F. Paolucci, “FTG-Net-E: A Hierarchical Ensemble Graph Neural Network for DDoS Attack Detection,” Computer Networks 250 (2024): 1–13, https://doi.org/10.1016/j.comnet.2024.110508.
10.1016/j.comnet.2024.110508 Google Scholar
- 2M. A. Aladaileh, M. Anbar, I. H. Hasbullah, Y. W. Chong, and Y. K. Sanjalawe, “Detection Techniques of Distributed Denial of Service Attacks on Software-Defined Networking Controller – A Review,” IEEE Access 8 (2020): 143985–143995, https://doi.org/10.1109/ACCESS.2020.3013998.
- 3J. Bhayo, S. Hameed, and S. A. Shah, “An Efficient Counter-Based DDoS Attack Detection Framework Leveraging Software Defined IoT (SD-IoT),” IEEE Access 8 (2020): 221612–221631, https://doi.org/10.1109/ACCESS.2020.3043082.
- 4A. B. Dehkordi, M. R. Soltanaghaei, and F. Z. Boroujeni, “The DDoS Attacks Detection Through Machine Learning and Statistical Methods in SDN,” Journal of Supercomputing 77, no. 3 (2021): 2383–2415, https://doi.org/10.1007/s11227-020-03323-w.
- 5M. I. Ismail Mohmand, H. Hussain, A. A. Khan, et al., “A Machine Learning-Based Classification and Prediction Technique for DDoS Attacks,” IEEE Access 10 (2022): 21443–21454, https://doi.org/10.1109/ACCESS.2022.3152577.
10.1109/ACCESS.2022.3152577 Google Scholar
- 6B. Nugraha and R. N. Murthy, “Deep Learning-Based Slow DDoS Attack Detection in SDN-Based Networks,” in IEEE Conference on Network Function Virtualization and Software Defined Networks (2020), 51–56, https://doi.org/10.1109/NFV-SDN50289.2020.9289894.
10.1109/NFV?SDN50289.2020.9289894 Google Scholar
- 7R. Swami, M. Dave, and V. Ranga, “Detection and Analysis of TCP-SYN DDOS Attack in Software-Defined Networking,” Wireless Personal Communications 118, no. 4 (2021): 2295–2317, https://doi.org/10.1007/s11277-021-08127-6.
- 8J. Ali, B. H. Roh, B. Lee, J. Oh, and M. Adil, “A Machine Learning Framework for Prevention of Software-Defined Networking Controller From DDoS Attacks and Dimensionality Reduction of Big Data,” in International Conference on Information and Communication Technology Convergence (2020), 515–519, https://doi.org/10.1109/ICTC49870.2020.9289504.
10.1109/ICTC49870.2020.9289504 Google Scholar
- 9F. Musumeci, A. C. Fidanci, F. Paolucci, F. Cugini, and M. Tornatore, “Machine-Learning-Enabled DDoS Attacks Detection in P4 Programmable Networks,” Journal of Network and Systems Management 30 (2022): 1–27, https://doi.org/10.1007/s10922-021-09633-5.
- 10A. T. Kyaw, M. Z. Oo, and C. S. Khin, “Machine-Learning Based DDOS Attack Classifier in Software Defined Network,” in 17th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (2020), 431–434, https://doi.org/10.1109/ECTI-CON49241.2020.9158230.
10.1109/ECTI?CON49241.2020.9158230 Google Scholar
- 11J. Wang, Y. Liu, W. Su, and H. Feng, “A DDOS Attack Detection Based on Deep Learning in Software-Defined Internet of Things,” in IEEE 92nd Vehicular Technology Conference (2020), 1–5, https://doi.org/10.1109/VTC2020-Fall49728.2020.9348652.
10.1109/VTC2020?Fall49728.2020.9348652 Google Scholar
- 12T. K. Luong, T. D. Tran, and G. T. Le, “DDOS Attack Detection and Defense in SDN Based on Machine Learning,” in Proceedings – 7th NAFOSTED Conference on Information and Computer Science (2020), 31–35, https://doi.org/10.1109/NICS51282.2020.9335867.
10.1109/NICS51282.2020.9335867 Google Scholar
- 13D. Firdaus, R. Munadi, and Y. Purwanto, “DDoS Attack Detection in Software Defined Network Using Ensemble K-Means++ and Random Forest,” in 3rd International Seminar on Research of Information Technology and Intelligent Systems, ISRITI 2020 (2020), 164–169, https://doi.org/10.1109/ISRITI51436.2020.9315521.
10.1109/ISRITI51436.2020.9315521 Google Scholar
- 14D. Parfenov, L. Kuznetsova, N. Yanishevskaya, I. Bolodurina, A. Zhigalov, and L. Legashev, “Research Application of Ensemble Machine Learning Methods to the Problem of Multiclass Classification of DDOS Attacks Identification,” in International Conference Engineering and Telecommunication, En and T 2020 (2020), 1–7, https://doi.org/10.1109/EnT50437.2020.9431255.
10.1109/EnT50437.2020.9431255 Google Scholar
- 15N. Ahuja, G. Singal, and D. Mukhopadhyay, “DLSDN: Deep Learning for DDOS Attack Detection in Software Defined Networking,” in Proceedings of the 11th International Conference on Cloud Computing, Data Science and Engineering (Confluence) (2021), 683–688, https://doi.org/10.1109/Confluence51648.2021.9376879.
10.1109/Confluence51648.2021.9376879 Google Scholar
- 16R. Doriguzzi-Corin, S. Millar, S. Scott-Hayward, J. Martinez-Del-Rincon, and D. Siracusa, “Lucid: A Practical, Lightweight Deep Learning Solution for DDoS Attack Detection,” IEEE Transactions on Network and Service Management 17, no. 2 (2020): 876–889, https://doi.org/10.1109/TNSM.2020.2971776.
- 17K. M. Sudar, M. Beulah, P. Deepalakshmi, P. Nagaraj, and P. Chinnasamy, “Detection of Distributed Denial of Service Attacks in SDN Using Machine Learning Techniques,” in International Conference on Computer Communication and Informatics (2021), 1–5, https://doi.org/10.1109/CONIT59222.2023.10205887.
10.1109/CONIT59222.2023.10205887 Google Scholar
- 18L. Tan, Y. Pan, J. Wu, J. Zhou, H. Jiang, and Y. Deng, “A New Framework for DDOS Attack Detection and Defense in SDN Environment,” IEEE Access 8 (2020): 161908–161919, https://doi.org/10.1109/ACCESS.2020.3021435.
- 19J. Bhayo, R. Jafaq, A. Ahmed, S. Hameed, and S. A. Shah, “A Time-Efficient Approach Toward DDoS Attack Detection in IoT Network Using SDN,” IEEE Internet of Things Journal 9, no. 5 (2022): 3612–3630, https://doi.org/10.1109/JIOT.2021.3098029.
- 20N. M. Yungaicela-Naula, C. Vargas-Rosales, and J. A. Perez-Diaz, “SDN-Based Architecture for Transport and Application Layer DDOS Attack Detection by Using Machine and Deep Learning,” IEEE Access 9 (2021): 108495–108512, https://doi.org/10.1109/ACCESS.2021.3101650.
- 21K. S. Sahoo, B. K. Tripathy, K. Naik, et al., “An Evolutionary SVM Model for DDOS Attack Detection in Software Defined Networks,” IEEE Access 8 (2020): 132502–132513, https://doi.org/10.1109/ACCESS.2020.3009733.
- 22W. Zhijun, X. Qing, W. Jingjie, Y. Meng, and L. Liang, “Low-Rate DDOS Attack Detection Based on Factorization Machine in Software Defined Network,” IEEE Access 8 (2020): 17404–17418, https://doi.org/10.1109/ACCESS.2020.2967478.
- 23N. Ahuja, G. Singal, D. Mukhopadhyay, and N. Kumar, “Automated DDOS Attack Detection in Software Defined Networking,” Journal of Network and Computer Applications 187 (2021): 1–12, https://doi.org/10.1016/j.jnca.2021.103108.
- 24J. Li, M. Liu, Z. Xue, X. Fan, and X. He, “Rtvd: A Real-Time Volumetric Detection Scheme for DDOS in the Internet of Things,” IEEE Access 8 (2020): 36191–36201, https://doi.org/10.1109/ACCESS.2020.2974293.
- 25W. I. Khedr, A. E. Gouda, and E. R. Mohamed, “FMDADM: A Multi-Layer DDoS Attack Detection and Mitigation Framework Using Machine Learning for Stateful SDN-Based IoT Networks,” IEEE Access 11 (2023): 28934–28954, https://doi.org/10.1109/ACCESS.2023.3260256.
- 26E. Taherian-Fard, T. Niknam, R. Sahebi, M. Javidsharifi, A. Kavousi-Fard, and J. Aghaei, “A Software Defined Networking Architecture for DDOS-Attack in the Storage of Multimicrogrids,” IEEE Access 10 (2022): 83802–83812, https://doi.org/10.1109/ACCESS.2022.3197283.
- 27D. Kshirsagar and S. Kumar, “A Feature Reduction Based Reflected and Exploited DDoS Attacks Detection System,” Journal of Ambient Intelligence and Humanized Computing 13, no. 1 (2022): 393–405, https://doi.org/10.1007/s12652-021-02907-5.
- 28U. H. Garba, A. N. Toosi, M. F. Pasha, and S. Khan, “SDN-Based Detection and Mitigation of DDoS Attacks on Smart Homes,” Computer Communications 221 (2024): 29–41, https://doi.org/10.1016/j.comcom.2024.04.001.
- 29A. V. Songa and G. R. Karri, “An Integrated SDN Framework for Early Detection of DDoS Attacks in Cloud Computing,” Journal of Cloud Computing 13, no. 1 (2024): 1–22, https://doi.org/10.1186/s13677-024-00625-9.
10.1186/s13677?024?00625?9 Google Scholar
- 30A. A. Alashhab, M. S. Zahid, B. Isyaku, et al., “Enhancing DDoS Attack Detection and Mitigation in SDN Using an Ensemble Online Machine Learning Model,” IEEE Access 12 (2024): 51630–51649, https://doi.org/10.1109/ACCESS.2024.3384398.
- 31N. Karmous, M. O. E. Aoueileyine, M. Abdelkader, L. Romdhani, and N. Youssef, “Software-Defined-Networking-Based One-Versus-Rest Strategy for Detecting and Mitigating Distributed Denial-of-Service Attacks in Smart Home Internet of Things Devices,” Sensors 24, no. 15 (2024): 1–24, https://doi.org/10.3390/s24155022.
- 32P. Ramadass, R. shree Sekar, S. Srinivasan, et al., “BSDN-HMTD: A Blockchain Supported SDN Framework for Detecting DDoS Attacks Using Deep Learning Method,” Egyptian Informatics Journal 27 (2024): 1–18, https://doi.org/10.1016/j.eij.2024.100515.
- 33R. F. Fouladi, O. Ermis, and E. Anarim, “A DDoS Attack Detection and Defense Scheme Using Time-Series Analysis for SDN,” Journal of Information Security and Applications 54 (2020): 1–11, https://doi.org/10.1016/j.jisa.2020.102587.
- 34O. E. Tayfour and M. N. Marsono, “Collaborative Detection and Mitigation of DDOS in Software-Defined Networks,” Journal of Supercomputing 77, no. 11 (2021): 13166–13190, https://doi.org/10.1007/s11227-021-03782-9.
- 35J. Bhayo, S. A. Shah, S. Hameed, A. Ahmed, J. Nasir, and D. Draheim, “Towards a Machine Learning-Based Framework for DDOS Attack Detection in Software-Defined IoT (SD-IoT) Networks,” Engineering Applications of Artificial Intelligence 123 (2023): 1–17, https://doi.org/10.1016/j.engappai.2023.106432.
- 36M. Al-Fayoumi and Q. A. Al-Haija, “Capturing Low-Rate DDoS Attack Based on MQTT Protocol in Software Defined-IoT Environment,” Array 19 (2023): 1–10, https://doi.org/10.1016/j.array.2023.100316.
- 37A. Prasad and S. Chandra, “VMFCVD: An Optimized Framework to Combat Volumetric DDOS Attacks Using Machine Learning,” Arabian Journal for Science and Engineering 47, no. 8 (2022): 9965–9983, https://doi.org/10.1007/s13369-021-06484-9.
