Enhancing DDoS Attack Detection and Mitigation in SDN Using an Ensemble Online Machine Learning Model
Published in: | IEEE Access, Vol. 12, pp. 51630-51649 |
---|---|
Main Authors: | , , , , , , , |
Format: | Journal Article |
Language: | English |
Published: | Piscataway, IEEE, 2024, The Institute of Electrical and Electronics Engineers, Inc. (IEEE) |
Summary: | Software Defined Networks (SDN) offer dynamic reconfigurability and scalability, revolutionizing traditional networking. However, countering Distributed Denial of Service (DDoS) attacks remains a formidable challenge for both traditional and SDN-based networks. The integration of Machine Learning (ML) into SDN holds promise for addressing these threats. While recent research demonstrates ML's accuracy in distinguishing legitimate from malicious traffic, it faces difficulties in handling emerging, low-rate, and zero-day DDoS attacks due to limited feature scope for training. The ever-evolving DDoS landscape, driven by new protocols, necessitates continuous ML model retraining. In response to these challenges, we propose an ensemble online machine-learning model designed to enhance DDoS detection and mitigation. This approach utilizes online learning to adapt the model with expected attack patterns. The model is trained and evaluated using SDN simulation (Mininet and Ryu). Its dynamic feature selection capability overcomes conventional limitations, resulting in improved accuracy across diverse DDoS attack types. Experimental results demonstrate a remarkable 99.2% detection rate, outperforming comparable models on our custom dataset as well as various benchmark datasets, including CICDDoS2019, InSDN, and slow-read-DDoS. Moreover, the proposed model undergoes comparison with industry-standard commercial solutions. This work establishes a strong foundation for proactive DDoS threat identification and mitigation in SDN environments, reinforcing network security against evolving cyber risks. |
---|---|
ISSN: | 2169-3536 2169-3536 |
DOI: | 10.1109/ACCESS.2024.3384398 |