Abstract
Software defined networking (SDN) is an approach to network management that enables the network architecture to be centrally and intelligently controlled with the use of software applications. It is an innovative way in which networks are built by separating the control plane of network devices and data plan and thereby making their management easier through centralized control. The design of SDN allows a secured flexible network configurations. The major drawback in SDN is the formation of Distributed Denial of Service (DDoS) attacks. The DDOS introduces flood with large numbers of malicious packets from malicious hosts that consume network resources. However, the trust between the control planes and forwarding planes is the vulnerability that can be exploited by attackers to perform distributed denial of service attacks in an SDN. Also, there is no form of authentication or authorization between the controllers and switches before a flow is passed between the layers. This problem ultimately causes a denial of access to legitimate network users or degrade the performance of the network. The objective of this paper is to develop an approach to detect DDos Attacks in IPv6 Enabled SDNs using the Support Vector Machine (SVM) algorithm. The normal and attack traffic packets generated was 500,000 packets during the test for 20 min. The packets were pre-processed and the SVM was trained with 25% of the normal and the attack data. The SVM achieved an accuracy of 99.69% and a DDoS attacks detection rate of 100%.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Acharya S, Tiwari N (2016) Survey of DDoS attacks based on TCP/IP protocol vul-nerabilities. IOSR J Comput Eng 18(3):68–76
Adeniyi DA, Wei Z, Yongquan Y (2016) Automated web usage data mining and recommendation system using K-Nearest Neighbor (KNN) classification method. Appl Comput Inform 12(1):90–108
Bamimore I, Ajagbe SA (2020) Design and implementation of smart home for security using radio frequency modules. Int J Digit Signals Smart Syst 4(4):286–303. https://doi.org/10.1504/IJDSSS.2020.111009
Fan C, Kaliyamurthy NM, Chen S, Jiang H, Zhou Y, Campbell C (2022) Detection of DDoS networking using entropy. Appl Sci 12(1):370
Al-Adaileh MA, Anbar M, Chong YW, Al-Ani, A (2018) Proposed statistical-based approach for detecting distribute denial of service against the controller of software defined network (SADDCS). In: Proceedings of MATEC web of conferences EDP sciences. Les Ulis, France, p 02012
Agne A, Platzner M, Lubbers E (2011) Memory virtualization for multithreaded reconfigurable hardware. In: Proceedings of 21st international conference on field programmable logic and applications. IEEE, pp 185–188
Akamai A (2018) Memcached reflection attacks: A NEW era for DDoS. Akamai technologies, Cambridge
Amaral P, Dinis J, Pinto P, Bernardo L, Tavares J, Mamede HS (2016) Machine learning in software defined networks: Data collection and traffic classification. In: Proceedings of IEEE 24th international conference on network protocols (ICNP). IEEE, pp 1–5
Bakker J (2017) Intelligent traffic classification for detecting DDoS attacks using SDN/Open flow. Computer science. Victoria University Wellington. Accessed from http://hdl.handle.net/10063/6645
Banerjee U, Vashishtha A, Saxena M (2010) Evaluation of the capabilities of wire shark as a tool for intrusion detection. Int J Comput Appl 6(7):1–5
Bawany NZ, Shamsi JA, Salah K (2017) DDoS attack detection and mitigation us-ing SDN: methods, practices, and solutions. Arab J Sci Eng 42(2):425–441
Bediako PK (2017) Long short-term memory recurrent neural network for detecting DDoS flooding attacks within tensorflow implementation framework. Lulea University of Technology, Sweden
Benzekki K, Fergougui A, Elbelrhiti Elalaoui A (2016) Software-defined networking (SDN): a survey. Secur Commun Netw 9(18):5803–5833
Bhuyan MH, Bhattacharyya DK, Kalita JK (2015) An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection. Pattern Recogn Lett 51:1–7. https://doi.org/10.1016/j.patrec.2014.07.019
Olabisi AA, Adeniji OD, Enangha A (2019) A comparative analysis of latency, jitter and bandwidth of ipv6 packets using flow labels in open flow switch in software defined network. Afr J Manag Inf Syst (Afr. J. MIS) 1(3):30–36
Adeniji OD, Khatun S, Borhan MS, Raja RS (2008) A design proposer on policy framework in IPv6 network. Int Symp Inf Technol 4:1–6
Ajagbe SA, Idowu IR, Oladosu JB, Adesina AO (2020) Accuracy of machine learning models for mortality rate prediction in a crime dataset. Int J Inf Process Commun 10(1 & 2):150–160
Musumeci F, Fidanci AC, Paolucci F, Cugini F, Tornatore, M (November 2021) Machine-learning-enabled ddos attacks detection in p4 programmable networks. J Netw Syst Manage (JONS) 30(21):1–27. Springer
Kokila R, Thamarai Selvi S, Govindarajan K (2014) DDoS detection and analysis in SDN-based environment using support vector machine classifier. In: 2014 sixth international conference on advanced computing (ICoAC), pp 205–210
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Adeniji, O.D., Adekeye, D.B., Ajagbe, S.A., Adesina, A.O., Oguns, Y.J., Oladipupo, M.A. (2023). Development of DDoS Attack Detection Approach in Software Defined Network Using Support Vector Machine Classifier. In: Ranganathan, G., Bestak, R., Fernando, X. (eds) Pervasive Computing and Social Networking. Lecture Notes in Networks and Systems, vol 475. Springer, Singapore. https://doi.org/10.1007/978-981-19-2840-6_25
Download citation
DOI: https://doi.org/10.1007/978-981-19-2840-6_25
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-2839-0
Online ISBN: 978-981-19-2840-6
eBook Packages: EngineeringEngineering (R0)