short-paper

Public Access

An SVM Based DDoS Attack Detection Method for Ryu SDN Controller

Authors:

CoNEXT '19 Companion: Proceedings of the 15th International Conference on emerging Networking EXperiments and Technologies

Pages 72 - 73

https://doi.org/10.1145/3360468.3368183

Published: 09 December 2019 Publication History

PDF eReader

Abstract

Software-Defined Networking (SDN) is a dynamic, and manageable network architecture which is more cost-effective than existing network architectures. The idea behind this architecture is to centralize intelligence from the network hardware and funnel this intelligence to the management system (controller) [2]-[4]. Since the centralized SDN controller controls the entire network and manages policies and the flow of the traffic throughout the network, it can be considered as the single point of failure [1]. It is important to find some ways to identify different types of attacks on the SDN controller [8]. Distributed Denial of Service (DDoS) attack is one of the most dangerous attacks on SDN controller. In this work, we implement DDoS attack on the Ryu controller in a tree network topology using Mininet emulator. Also, we use a machine learning method, Vector Machines (SVM) to detect DDoS attack. We propose to install flows in switches, and we consider time attack pattern of the DDoS attack for detection. Simulation results show the effects of DDoS attacks on the Ryu controller is reduced by 36% using our detection method.

References

[1]

K. Kalkan, G. Gur, and F. Alagoz, "Defense Mechanisms against DDoS Attacks in SDN Environment", IEEE Communications Magazine, vol. 55, no. 9, pp. 175--179, 2017.

Digital Library

Google Scholar

[2]

Y. Yu, L. Guo, Y. Liu, J. Zheng, and Y. Zong, "An Efficient SDN-Based DDoS Attack Detection and Rapid Response Platform in Vehicular Networks", Access IEEE, vol. 6, pp. 44570--44579, 2018.

Crossref

Google Scholar

[3]

S. Ezekiel, D. Mon Divakaran, and M. Gurusamy, "Dynamic attack mitigation using SDN", 27th International Telecommunication Networks and Applications Conference (ITNAC), pp. 1--6, 2017.

Crossref

Google Scholar

[4]

I. Abdulqadder, D. Zou, I. Aziz, and B. Yuan, "Modeling software defined security using multi-level security mechanism for SDN environment", IEEE 17th International Conference on Communication Technology (ICCT), pp. 1342--1346, 2017.

Crossref

Google Scholar

[5]

Q. Y. Gong, and F. R. Yu, "Effective software-defined networking controller scheduling method to mitigate DDoS attacks," Electronics Letters, vol. 53, no. 7, pp. 469--471, 2017.

Crossref

Google Scholar

[6]

N. Gde Dharma. M. F. Muthohar. J. Prayuda, K. Priagung. and D. Choi, "Time-based DDoS detection and mitigation for SDN controller." in 17th APNOMS, pp. 550--553, 2015.

Google Scholar

[7]

R.Wang, J. Jia, and L. Ju, "An entropy-based distributed DDoS detection mechanism in software-defined networking", 2015 IEEE Trustcom/BigDataSE/ISPA, pp. 310--317, 2015.

Digital Library

Google Scholar

[8]

Y. Xu and Y. Liu, "DDoS attack detection under SDN context", In: IEEE INFOCOM 2016---The 35th Annual IEEE International Conference on Computer Communications, pp.1--9, 2016.

Crossref

Google Scholar

[9]

M. Alazab, "Profiling and classifying the behavior of malicious codes," Journal of Systems and Sofware, vol. 100, pp. 91--102, 2015.

Digital Library

Google Scholar

[10]

J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, "A DDoS Attack Detection Method Based on SVM in Software Defined Network", Security and Communication Networks, Volume 2018, Article ID 9804061, 2018.

Digital Library

Google Scholar

[11]

R. T. Kokila, S. T. Selvi, and K. Govindarajan, "DDoS detection and analysis in SDN-based environment using support vector machine classifier, in Proc. 6th Int. Conf. Adv. Comput. (ICoAC), pp. 205--210, 2014.

Crossref

Google Scholar

[12]

Z. You, Y. Feng, K. Sakurai, "Packet in Message Based DDoS Attack Detection in SDN Network Using OpenFlow", Proc. 5th International Symposium on Computing and Networking, CANDAR 2017, pp. 522--528.

Google Scholar

Cited By

View all

Akash G Aryadeep M B H Nandeesh Dr. Siddalingesh Bandi (2024)MCAD: A Machine Learning Based Cyber Attack Detector using SDN for Healthcare SystemsInternational Journal of Advanced Research in Science, Communication and Technology10.48175/IJARSCT-18836(286-296)Online publication date: 12-Jun-2024
https://doi.org/10.48175/IJARSCT-18836
Vaghela GSanghani NBorisaniya B(2024)Review on DDoS Attack in Controller Environment of Software Defined NetworkICST Transactions on Scalable Information Systems10.4108/eetsis.582311Online publication date: 24-Jul-2024
https://doi.org/10.4108/eetsis.5823
Rivas POrduz JJui TDeCusatis CKhanal B(2024)Quantum-Enhanced Representation Learning: A Quanvolutional Autoencoder Approach against DDoS ThreatsMachine Learning and Knowledge Extraction10.3390/make60200446:2(944-964)Online publication date: 1-May-2024
https://doi.org/10.3390/make6020044
Show More Cited By

Recommendations

Performance Analysis of POX and Ryu with Different SDN Topologies
ICISS '18: Proceedings of the 1st International Conference on Information Science and Systems

This paper deals with the performance comparison of two python-based Software Defined Network (SDN) controllers i.e. POX and Ryu under different network topologies such as Single, Linear, Tree, Dumbbell, Data Center Networks (DCN) and Software-Defined ...
Performance analysis of ODL and RYU controllers’ against DDoS attack in software defined networks
Abstract
Software-defined networking (SDN) is a new way of designing and managing networks. The central SDN controller serves as the network’s brain in the control plane. This paper compares the performance of OpenDayLight (ODL) and Ryu SDN controllers by ...
A DDoS attack detection method based on SVM and K-nearest neighbour in SDN environment

This paper presents a detection method for DDoS attack in SDN based on K-nearest neighbour (KNN) algorithm and support vector machine (SVM) algorithm. This method makes use of the characteristics of SDN centralised control, collects flow characteristic ...

Comments

Information & Contributors

Information

Published In

CoNEXT '19 Companion: Proceedings of the 15th International Conference on emerging Networking EXperiments and Technologies

December 2019

93 pages

ISBN:9781450370066

DOI:10.1145/3360468

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 December 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper
Research
Refereed limited

Funding Sources

Conference

CoNEXT '19

Sponsor:

SIGCOMM

CoNEXT '19: The 15th International Conference on emerging Networking EXperiments and Technologies

December 9 - 12, 2019

FL, Orlando, USA

Acceptance Rates

CoNEXT '19 Companion Paper Acceptance Rate 34 of 52 submissions, 65%;

Overall Acceptance Rate 198 of 789 submissions, 25%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

25
Total Citations
View Citations
1,431
Total Downloads

Downloads (Last 12 months)206
Downloads (Last 6 weeks)30

Reflects downloads up to 09 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Akash G Aryadeep M B H Nandeesh Dr. Siddalingesh Bandi (2024)MCAD: A Machine Learning Based Cyber Attack Detector using SDN for Healthcare SystemsInternational Journal of Advanced Research in Science, Communication and Technology10.48175/IJARSCT-18836(286-296)Online publication date: 12-Jun-2024
https://doi.org/10.48175/IJARSCT-18836
Vaghela GSanghani NBorisaniya B(2024)Review on DDoS Attack in Controller Environment of Software Defined NetworkICST Transactions on Scalable Information Systems10.4108/eetsis.582311Online publication date: 24-Jul-2024
https://doi.org/10.4108/eetsis.5823
Rivas POrduz JJui TDeCusatis CKhanal B(2024)Quantum-Enhanced Representation Learning: A Quanvolutional Autoencoder Approach against DDoS ThreatsMachine Learning and Knowledge Extraction10.3390/make60200446:2(944-964)Online publication date: 1-May-2024
https://doi.org/10.3390/make6020044
Su YXiong DQian KWang Y(2024)A Comprehensive Survey of Distributed Denial of Service Detection and Mitigation Technologies in Software-Defined NetworkElectronics10.3390/electronics1304080713:4(807)Online publication date: 19-Feb-2024
https://doi.org/10.3390/electronics13040807
Han YZhang LWang YDeng XGu ZZhang X(2023)Research on the Security of IPv6 Communication Based on Petri Net under IoTSensors10.3390/s2311519223:11(5192)Online publication date: 30-May-2023
https://doi.org/10.3390/s23115192
Almohagri BSaeed MAlazaby HMohammed A(2023)Machine Learning Approach for Distributed Daniel of Service Attack Detection in SDNs2023 3rd International Conference on Emerging Smart Technologies and Applications (eSmarTA)10.1109/eSmarTA59349.2023.10293527(01-07)Online publication date: 10-Oct-2023
https://doi.org/10.1109/eSmarTA59349.2023.10293527
Zhang HZhou LLei J(2023)Renyi Entropy-based DDoS Attack Detection in SDN-based Networks2023 IEEE 3rd International Conference on Electronic Technology, Communication and Information (ICETCI)10.1109/ICETCI57876.2023.10176631(334-337)Online publication date: 26-May-2023
https://doi.org/10.1109/ICETCI57876.2023.10176631
Kujur PPatel S(2023)Comparison of Various ML Approaches for Detection of DDoS Attacks in SDN2023 IEEE 15th International Conference on Computational Intelligence and Communication Networks (CICN)10.1109/CICN59264.2023.10402327(245-249)Online publication date: 22-Dec-2023
https://doi.org/10.1109/CICN59264.2023.10402327
Al Ghamdi M(2023)A Fine-Grained System Driven of Attacks Over Several New Representation Techniques Using Machine LearningIEEE Access10.1109/ACCESS.2023.330701811(96615-96625)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3307018
Halman LAlenazi M(2023)MCAD: A Machine Learning Based Cyberattacks Detector in Software-Defined Networking (SDN) for Healthcare SystemsIEEE Access10.1109/ACCESS.2023.326682611(37052-37067)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3266826
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Recommendations

Performance Analysis of POX and Ryu with Different SDN Topologies

Performance analysis of ODL and RYU controllers’ against DDoS attack in software defined networks

A DDoS attack detection method based on SVM and K-nearest neighbour in SDN environment

Comments

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Funding Sources

Conference

Acceptance Rates

Upcoming Conference

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF

eReader

Login options

Full Access

Abstract

References

Cited By

Recommendations

Performance Analysis of POX and Ryu with Different SDN Topologies

Performance analysis of ODL and RYU controllers’ against DDoS attack in software defined networks

A DDoS attack detection method based on SVM and K-nearest neighbour in SDN environment

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Funding Sources

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Get Access

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations