Fuzzy self organizing maps-based DDoS mitigation mechanism for software defined networking in cloud computing

  • Harikrishna PillutlaEmail author
  • Amuthan Arjunan
Original Research


The characteristic features of cloud computing deployment make it highly vulnerable to distributed denial of service (DDoS) attacks. The recent advancement in software-defined networking (SDN) enhances the possibilities for defeating DDoS attacks in cloud computing environments. This option to improve the probability of defeating DDoS attacks is made feasible through the striking features of SDN that include their capability for software-oriented traffic investigation, network global dimension, dynamically updating forwarding rules and centralized point of control. This paper presents a Fuzzy self organizing maps-based DDOS mitigation (FSOMDM) technique that is ideally and suitably designed for improving the SDN capabilities of cloud computing. FSOMDM is the enhanced neural network model that effectively replaces the neurons of the traditional Kohonen neural network model through updating fuzzy rules. The property of software-oriented traffic investigation is utilized in this process and the fuzzy rule is used for exploring the dimension of input space from which a single valued output is derived for enabling the mitigation of DDoS. In addition, FSOMDM incorporates an attack-response process that possesses the significance of dropping attack flows through its enforcement in the control plane of SDN. The performance investigation of FSOMDM confirms its significance by facilitating nearly 94% of classifier accuracy evaluated in terms of true positive rate (TPR).


Fuzzy self-organized mapping Topological neighborhood Kohonen neural network Software defined networks (SDNs) Distributed denial of service (DDoS) attacks 


  1. Achbarou O, Kiram MA, Bouanani SE (2017) Securing cloud computing from different attacks using intrusion detection systems. Int J Interact Multimed Artif Intell 4(3):61–64. Google Scholar
  2. Azodolmolky S, Wieder P, Yahyapour R (2013) SDN-based cloud computing networking. In: Transparent optical networks (ICTON), 15th international conference of the IEEE, pp 1–4.
  3. Banikazemi M, Olshefski D, Shaikh A, Tracey J, Wang G (2013) Meridian: an SDN platform for cloud network services. Commun Mag IEEE 51(2):120–127. CrossRefGoogle Scholar
  4. Bawany NZ, Shamsi JA, Salah K (2017) DDoS attack detection and mitigation using SDN: methods, practices, and solutions. Arab J Sci Eng 42(2):425–441. CrossRefGoogle Scholar
  5. Braga R, Mota E, Passito A (2010) Lightweight DDoS flooding attack detection using NOX/OpenFlow. In: Local computer network conference, IEEE, pp 408–415.
  6. Cheng TY, Wang M, Jia X (2015) QoS-guaranteed controller placement in SDN. In: Global communications (GLOBECOM), IEEE conference, pp 1–6.
  7. Chou L, Tseng C, Huang Y, Chen K, Ou T, Yen C (2016) A security service on-demand architecture in SDN. In: Information and communication technology convergence (ICTC), IEEE international conference, pp 287–291.
  8. Chu Yu H, Tseng M, Chen Yao T, Chou Yu C, Chen Y (2010) A novel design for future on-demand service and security. In: Communication technology, 12th international conference of the IEEE, pp 385–388.
  9. Ciulli N, Carrozzo G, Landi G, Bernini G (2013) An SDN framework for the orchestration of cloud and network services across datacenters. In: Asia communications and photonics conference, international, pp 23–31.
  10. Giotis K, Argyropoulos C, Androulidakis G, Kalogeras D, Maglaris V (2014) Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Comput Networ 62(2):122–136. CrossRefGoogle Scholar
  11. Izaddoost A, McGregor C (2016) Enhance network communications in a cloud-based real-time health analytics platform using SDN. In: Healthcare informatics (ICHI), IEEE international conference, pp 388–391.
  12. Jain R, Paul S (2013) Network virtualization and software defined networking for cloud computing: a survey. Commun Mag IEEE 51(11):24–31. CrossRefGoogle Scholar
  13. Kim H, Feamster N (2013) Improving network management with software defined networking. Commun Mag IEEE 51(2):114–119. CrossRefGoogle Scholar
  14. Kwangtae J, Kim J, Young-Tak K (2012) QoS-aware network operating system for software defined networking with generalized OpenFlows. In: Network operations and management symposium, IEEE international, pp 1167–1174. 2044
  15. Oktian YE, Lee S, Lee H (2014) Mitigating denial of service (DoS) attacks in openflow networks. In: Information and communication technology convergence (ICTC), international conference, pp 325–330.
  16. Passito A, Mota E, Bennesby R, Fonseca P (2014) AgNOS: a framework for autonomous control of software-defined networks. In: Advanced information networking and applications, 28th international conference of the IEEE, pp 405–412.
  17. Saidi A, Bendriss E, Kartit A, Marraki ME (2017) Techniques to detect DoS and DDoS attacks and an introduction of a mobile agent system to enhance it in cloud computing. Int J Interact Multimed Artif Intell 4(3):75–78. Google Scholar
  18. Salvestrini F, Carrozzo G, Ciulli N (2013) Towards a distributed SDN control: inter-platform signaling among flow processing platforms. In: SDN for future networks and services (SDN4FNS), IEEE international conference, pp 1–7.
  19. Shin S, Yegneswaran V, Porras P, Gu G (2013) AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks. In: Proceedings of the SIGSAC conference on computer & communications security, ACM, pp 413–424.
  20. Suh J, Jang D, Kwon T, Choi Y (2011) CANA: one step from IP networking toward content networking. In: Proceedings of the CoNEXT student workshop, ACM, pp 12–18.
  21. Taheri Monfared A, Rong C (2013) Multi-tenant network monitoring based on software defined networking. In: On the move to meaningful internet systems, international conference, pp 327–341.
  22. Talbi J, Haqiq A (2017) A MAS-based cloud service brokering system to respond security needs of cloud customers. Int J Interact Multimed Artif Intell 4(3):65–69. Google Scholar
  23. Toumi H, Marzak B, Talea A, Eddaoui A, Talea M (2017) Use trust management framework to achieve effective security mechanisms in cloud environment. Int J Interact Multimed Artif Intell 4(3):70–74. Google Scholar
  24. Xing T, Huang D, Xu L, Chung C, Khatkar P (2013) SnortFlow: an OpenFlow-based intrusion prevention system in cloud environment. In: GENI research and educational experiment, 2nd workshop, pp 89–92.
  25. Xu Y, Liu Y (2016) DDoS attack detection under SDN context. In: Computer communications, 35th annual international conference of the IEEE, pp 1–9.
  26. Yan Q, Yu FR (2015) Distributed denial of service attacks in software-defined networking with cloud computing. Commun Mag IEEE 53(4):52–59. CrossRefGoogle Scholar
  27. Yu Y, Qian C, Li X (2014) Distributed and collaborative traffic monitoring in software defined networks. In: Hot topics in software defined networking, 3rd workshop, pp 85–90.

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Department of Computer Science and EngineeringPondicherry Engineering CollegePondicherryIndia

Personalised recommendations