A Collaborative Approach to Detecting DDoS Attacks in SDN Using Entropy and Deep Learning

Authors

DOI:

https://doi.org/10.26636/jtit.2024.3.1609

Keywords:

DDoS, deep learning, LSTM, machine learning, random forest, SDN

Abstract

Software-defined networking (SDN) is an approach to network management allowing to enhance the performance of the network and making it more flexible. The centralized architecture of SDN makes it vulnerable to cyberattacks, especially distributed denial of service (DDoS) attacks. Existing research investigates the detection of DDoS attacks separately on the control plane and data plane. However, there is a need for efficient and accurate detection of these attacks using features obtained from both control and data planes. Therefore, we present a mechanism for identifying DDoS attacks using entropy, multiple feature selection mechanisms, and deep learning. Initially, we use entropy on the control plane to detect anomalous activity and identify suspicious switches. Next, we capture traffic on the suspicious switches to detect DDoS attacks. To detect these attacks, we utilize multi-layer perceptron (MLP) deep learning models, convolutional neural network (CNN), and the long short-term memory (LSTM) approach. An InSDN dataset is used to train the model and test data are generated using Mininet emulation and the Ryu controller. The results reveal that LSTM outperforms MLP and CNN, achieving an accuracy of 99.83%.

Downloads

Download data is not yet available.

References

B. Alhijawi et al., "A Survey on DoS/DDoS Mitigation Techniques in SDNs: Classification, Comparison, Solutions, Testing Tools and Datasets", Computers and Electrical Engineering, vol. 99, art. no. 107706, 2022. DOI: https://doi.org/10.1016/j.compeleceng.2022.107706
View in Google Scholar

A.A. Bahashwan et al., "A Systematic Literature Review on Machine Learning and Deep Learning Approaches for Detecting DDoS Attacks in Software-defined Networking", Sensors, vol. 23, no. 9, art. no. 4441, 2023. DOI: https://doi.org/10.3390/s23094441
View in Google Scholar

I.A. Valdovinos, J.A. Pérez-Díaz, K.-K.R. Choo, and J.F. Botero, "Emerging DDoS Attack Detection and Mitigation Strategies in Software-defined Networks: Taxonomy, Challenges and Future Directions", Journal of Network and Computer Applications, vol. 187, art. no. 103093, 2021. DOI: https://doi.org/10.1016/j.jnca.2021.103093
View in Google Scholar

H. Zhang, L. Zhou, and J. Lei, "Renyi Entropy-based DDoS Attack Detection in SDN-based Networks", 2023 IEEE 3rd International Conference on Electronic Technology, Communication and Information (ICETCI), Changchun, China, 2023. DOI: https://doi.org/10.1109/ICETCI57876.2023.10176631
View in Google Scholar

A. Makuvaza, D.S. Jat, and A.M. Gamundani, "Deep Neural Network (DNN) Solution for Real-time Detection of Distributed Denial of Service (DDoS) Attacks in Software Defined Networks (SDNs)", SN Computer Science, vol. 2, 2021. DOI: https://doi.org/10.1007/s42979-021-00467-1
View in Google Scholar

L. Tan et al., "A New Framework for DDoS Attack Detection and Defense in SDN Environment", IEEE Access, vol. 8, pp. 161908-161919, 2020. DOI: https://doi.org/10.1109/ACCESS.2020.3021435
View in Google Scholar

K. Kalkan, L. Altay, G. Gür, and F. Alagöz, "JESS: Joint Entropy-based DDoS Defense Scheme in SDN", IEEE Journal on Selected Areas in Communications, vol. 36, no. 10, pp. 2358-2372, 2018. DOI: https://doi.org/10.1109/JSAC.2018.2869997
View in Google Scholar

R.N. Carvalho, J.L. Bordim, and E.A.P. Alchieri, "Entropy-based DoS Attack Identification in SDN", 2019 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW), Rio de Janeiro, Brazil, 2019. DOI: https://doi.org/10.1109/IPDPSW.2019.00108
View in Google Scholar

S. Yu et al., "A Cooperative DDoS Attack Detection Scheme Based on Entropy and Ensemble Learning in SDN", EURASIP Journal on Wireless Communications and Networking, 2021. DOI: https://doi.org/10.21203/rs.3.rs-154522/v1
View in Google Scholar

B. Han et al., "OverWatch: A Cross-plane DDoS Attack Defense Framework with Collaborative Intelligence in SDN", Security and Communication Networks, 2018. DOI: https://doi.org/10.1155/2018/9649643
View in Google Scholar

A. Yadav et al., "A Hybrid Approach for Detection of DDoS Attacks Using Entropy and Machine Learning in Software Defined Networks", 2021 12th International Conference on Computing Communication and Networking Technologies (ICCCNT), Kharagpur, India, 2021. DOI: https://doi.org/10.1109/ICCCNT51525.2021.9580057
View in Google Scholar

B. Celesova, J. Val’ko, R. Grezo, and P. Helebrandt, "Enhancing Security of SDN Focusing on Control Plane and Data Plane", 2019 7th International Symposium on Digital Forensics and Security (ISDFS), Barcelos, Portugal, 2019. DOI: https://doi.org/10.1109/ISDFS.2019.8757542
View in Google Scholar

Y. Wang et al., "SGS: Safe-guard Scheme for Protecting Control Plane Against DDoS Attacks in Software-defined Networking", IEEE Access, vol. 7, pp. 34699-34710, 2019. DOI: https://doi.org/10.1109/ACCESS.2019.2895092
View in Google Scholar

W.G. Gadallah, N.M. Omar, and H.M. Ibrahim, "Machine Learning-based Distributed Denial of Service Attacks Detection Technique using New Features in Software-defined Networks", International Journal of Computer Network Information Security, vol. 13, no. 3, pp. 15-27, 2021. DOI: https://doi.org/10.5815/ijcnis.2021.03.02
View in Google Scholar

Z. Liu, Y. He, W. Wang, and B. Zhang, "DDoS Attack Detection Scheme Based on Entropy and PSO-BP Neural Network in SDN", China Communications, vol. 16, no. 7, pp. 144-155, 2019. DOI: https://doi.org/10.23919/JCC.2019.07.012
View in Google Scholar

H.S. Abdulkarem and A. Dawod, "DDoS Attack Detection and Mitigation at SDN Data Plane Layer", 2020 2nd Global Power, Energy and Communication Conference (GPECOM), Izmir, Türkiye, 2020. DOI: https://doi.org/10.1109/GPECOM49333.2020.9247850
View in Google Scholar

R. Sanjeetha, A. Pattanaik, A. Gupta, and A. Kanavalli, "Early Detection and Diminution of DDoS Attack Instigated by Compromised Switches on the Controller in Software Defined Networks", 2019 IEEE International Conference on Distributed Computing, VLSI, Electrical Circuits and Robotics, Manipal, India, 2019. DOI: https://doi.org/10.1109/DISCOVER47552.2019.9007925
View in Google Scholar

A. Mishra, N. Gupta, and B.B. Gupta, "Defense Mechanisms Against DDoS Attack Based on Entropy in SDN-cloud Using POX Controller", Telecommunication Systems, vol. 77, pp. 47-62, 2021. DOI: https://doi.org/10.1007/s11235-020-00747-w
View in Google Scholar

X. Yang, B. Han, Z. Sun, and J. Huang, "SDN-based DDoS Attack Detection with Cross-plane Collaboration and Lightweight Flow Monitoring", GLOBECOM 2017 - 2017 IEEE Global Communications Conference, Singapore, 2017. DOI: https://doi.org/10.1109/GLOCOM.2017.8254079
View in Google Scholar

V. Deepa, K.M. Sudar, and P. Deepalakshmi, "Detection of DDoS Attack on SDN Control Plane using Hybrid Machine Learning Techniques", 2018 International Conference on Smart Systems and Inventive Technology (ICSSIT), Tirunelveli, India, 2018. DOI: https://doi.org/10.1109/ICSSIT.2018.8748836
View in Google Scholar

J.E. Varghese and B. Muniyal, "An Efficient IDS Framework for DDoS Attacks in SDN Environment", IEEE Access, vol. 9, pp. 69680-69699, 2021. DOI: https://doi.org/10.1109/ACCESS.2021.3078065
View in Google Scholar

N. Ahuja, G. Singal, D. Mukhopadhyay, and N. Kumar, "Automated DDOS Attack Detection in Software Defined Networking", Journal of Network and Computer Applications, vol. 187, art. no. 103108, 2021. DOI: https://doi.org/10.1016/j.jnca.2021.103108
View in Google Scholar

D. Gadze et al., "An Investigation into the Application of Deep Learning in the Detection and Mitigation of DDOS Attack on SDN Controllers", Technologies, vol. 9, art. no. 14, 2021. DOI: https://doi.org/10.3390/technologies9010014
View in Google Scholar

P.T. Dinh and M. Park, "BDF-SDN: A Big Data Framework for DDoS Attack Detection in Large-scale SDN-based Cloud", 2021 IEEE Conference on Dependable and Secure Computing (DSC), Fukushima, Japan, 2021. DOI: https://doi.org/10.1109/DSC49826.2021.9346269
View in Google Scholar

R. Durner, C. Lorenz, M. Wiedemann, and W. Kellerer, "Detecting and Mitigating Denial of Service Attacks Against the Data Plane in Software Defined Networks", 2017 IEEE Conference on Network Softwarization (NetSoft), Bologna, Italy, 2017. DOI: https://doi.org/10.1109/NETSOFT.2017.8004229
View in Google Scholar

N. Ahuja, G. Singal, and D. Mukhopadhyay, "DLSDN: Deep Learning for DDOS Attack Detection in Software Defined Networking", 2021 11th International Conference on Cloud Computing, Data Science and Engineering (Confluence), Noida, India, 2021. DOI: https://doi.org/10.1109/Confluence51648.2021.9376879
View in Google Scholar

M.S. Elsayed, N.-A. Le-Khac, and A.D. Jurcut, "InSDN: A Novel SDN Intrusion Dataset", IEEE Access, vol. 8, pp. 165263-165284, 2020. DOI: https://doi.org/10.1109/ACCESS.2020.3022633
View in Google Scholar

Cover page of issue 3/2024

Downloads

Published

2024-09-30

Issue

No. 3 (2024)

Section

ARTICLES FROM THIS ISSUE

License

Copyright (c) 2024 Narayan D.G., Heena W, Amit K

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
N. D.G., H. W, and A. K, “A Collaborative Approach to Detecting DDoS Attacks in SDN Using Entropy and Deep Learning”, JTIT, vol. 97, no. 3, Sep. 2024, doi: 10.26636/jtit.2024.3.1609.