Leveraging Machine Learning Approach to Setup Software-Defined Network(SDN) Controller Rules During DDoS Attack

@inproceedings{Sen2018LeveragingML,
  title={Leveraging Machine Learning Approach to Setup Software-Defined Network(SDN) Controller Rules During DDoS Attack},
  author={Sajib Sen and Kishor Datta Gupta and M. N. Istiaq Ahsan},
  booktitle={IJCCI},
  year={2018}
}
A machine learning based Distributed Denial of Service (DDoS) attack detection system, implemented in a virtual SDN environment testbed, has been presented in this paper. This system identifies whether any incoming traffic in a network is a DDoS type or not. To implement this approach, we applied AdaBoosting with decision stump as a weak classifier to train our model on a private network dataset in SDN environment. Our model showed up to 93% detection accuracy with a low false-positive rate. We… 
DLSDN: Deep Learning for DDOS attack detection in Software Defined Networking
TLDR
The purpose of network traffic classification using deep learning techniques was fulfilled, and an accuracy score of 99.75% was obtained by applying the Stacked Auto-Encoder Multi-layer Perceptron (SAE-MLP), which is explained in the paper.
Effects of Machine Learning Approach in Flow-Based Anomaly Detection on Software-Defined Networking
TLDR
Two different approaches to flow-based intrusion detection in the OpenFlow Controller are investigated, and substantial experiments with comparative analysis clearly show that deep learning would be a better choice for intrusion detection in the OpenFlow Controller.
Towards Detecting Flooding DDOS Attacks Over Software Defined Networks Using Machine Learning Techniques
TLDR
This paper focuses on the design and implementation of an attack detection system for detecting flooding DDoS attacks (TCP SYN flooding attacks, HTTP request flooding attacks, UDP flooding attacks and ICMP flooding attacks) over SDN network traffic.
Machine Learning Approaches for Combating Distributed Denial of Service Attacks in Modern Networking Environments
TLDR
This paper analyzes recent studies concerning DDoS detection methods that have adapted single and hybrid ML approaches in modern networking environments and discusses different DDoS defense systems based on ML techniques that make use of a virtualized environment.
A Lightweight Decision-Tree Algorithm for detecting DDoS flooding attacks
TLDR
A lightweight architecture that distinguishes attack network flows from normal traffic flows with a detection accuracy of over 99.9% is presented, optimised for deployment in low-cost environments for efficient, rapid detection and prevention of DDoS attacks.
A Survey on Machine Learning Techniques for Cyber Security in the Last Decade
TLDR
This paper aims to provide a comprehensive overview of the challenges that ML techniques face in protecting cyberspace against attacks, by presenting a literature on ML techniques for cyber security including intrusion detection, spam detection, and malware detection on computer networks and mobile networks in the last decade.
Machine learning in cybersecurity: a comprehensive survey
TLDR
A comprehensive survey of the works that have been carried out most recently on ML in cybersecurity is provided, describing the basics of cyber-attacks and corresponding defenses, the basics of the most commonly used ML algorithms, and proposed ML and data mining schemes for cybersecurity in terms of features, dimensionality reduction, and classification/detection techniques.
Map Reduce Implementation for Malicious Websites Classification
TLDR
This project wanted to implement a classifier that would detect benign and malicious websites using network and application features that are available in a data-set from Kaggle, and it will do that using MapReduce to make the classification speeds faster than the traditional approaches.
Applications and Evaluations of Bio-Inspired Approaches in Cloud Security: A Review
TLDR
An overview of the application and evaluation of bio-inspired algorithms is provided, taking into account cloud security challenges such as Identity and Authentication, Access Control Systems, Protocol and Network Security, Trust Management, Intrusion Detection, Virtualization, and Forensics.

References

SHOWING 1-10 OF 13 REFERENCES
Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques
TLDR
This paper aims at studying SDN accompanied with OpenFlow protocol from the perspective of intrusion and Distributed Denial of Service (DDoS) attacks and suggest machine learning based techniques for mitigation of such attacks.
Application-awareness in SDN
We present a framework, Atlas, which incorporates application-awareness into Software-Defined Networking (SDN), which is currently capable of L2/3/4-based policy enforcement but agnostic to higher
A Survey of Securing Networks Using Software Defined Networking
TLDR
A comprehensive survey of recent works that apply SDN to security is undertaken, and promising future directions that can be addressed by such research are identified.
Shallow and Deep Networks Intrusion Detection System: A Taxonomy and Survey
TLDR
A taxonomy and survey of shallow and deep networks intrusion detection systems is presented based on previous and current works, and a discussion of the false and true positive alarm rates is presented to help researchers model reliable and efficient machine learning based intrusion detection systems.
Survey of learning methods in intrusion detection systems
TLDR
The learning and detection methods in IDS are reviewed, the problems with existing intrusion detection systems are discussed, and data reduction techniques used in IDS to deal with huge volumes of audit data are reviewed.
Semi-supervised learning methods for network intrusion detection
TLDR
This work proposes two semi-supervised classification methods, spectral graph transducer and Gaussian fields approach, to detect unknown attacks, and one semi-supervised clustering method, MPCK-means, to improve the performance of the traditional purely unsupervised clustering methods.
Unsupervised Clustering Approach for Network Anomaly Detection
TLDR
The experiment shows that misuse detection techniques failed to detect network traffic, which contained a large number of unknown intrusions, and the anomaly detection module showed promising results where the distance-based outlier detection algorithm outperformed other algorithms with an accuracy of 80.15%.
Improving network management with software defined networking
TLDR
Three problems in network management are identified: enabling frequent changes to network conditions and state, providing support for network configuration in a high-level language, and providing better visibility and control over tasks for performing network diagnosis and troubleshooting.
What Lies Beneath? Analyzing Automated SSH Bruteforce Attacks
TLDR
The dataset includes plaintext password guesses in addition to timing, source, and username details, which allows us to analyze attacker behaviour and dynamics and provide recommendations for SSH users and administrators.
Scalable Network Virtualization in Software-Defined Networks
TLDR
The FlowN architecture gives each tenant the illusion of its own address space, topology, and controller, and leverages database technology to efficiently store and manipulate mappings between virtual networks and physical switches.