Abstract
The rapidly growing number of Internet of Things (IoT) devices has led to a rise in data transfers, which has raised security concerns. Due to the devices’ limited processing capabilities and vulnerability to many cyber attacks, securing IoT communications is challenging. Security threats, especially Distributed Denial of Service (DDoS) attacks, take a toll on the network in the form of increased communication overhead. Hence, a centralized unit is required to detect DDoS attacks in IoT networks at the earliest. Software-Defined Networking (SDN) promises a potential solution for better network traffic management and data flow. This paper presents a machine learning-based ensemble model for the detection of DDoS attacks in IoT networks using SDN. The proposed model employs a multi-step approach utilizing various Machine Learning (ML) algorithms. The proposed Ensemble Model (EM) combines Logistic Regression (LR), k-Nearest Neighbors (KNN), Gradient Boosting (GB), Extra-tree (ET), AdaBoost, and XGBoost, with XGBoost as the final estimator classifier. Various metrics, including sensitivity, specificity, precision, accuracy, and others, derived from the confusion matrix, evaluate the proposed model’s performance. The EM demonstrates superior performance during comparative analysis with state-of-the-art schemes, with a classification accuracy of 99.8%. Furthermore, the paper evaluates the model based on Receiver Operator Characteristic (ROC) curves, showing its superiority in True Positive Rates (TPR) compared to False Positive Rates (FPR). The AUC analysis supports the EM’s effectiveness. Cross-validation results further validate the model’s robustness, with a mean accuracy of 97.92%.
Similar content being viewed by others
Data availability
The data used in this study will be made available upon reasonable request.
References
Banitalebi Dehkordi, A., Soltanaghaei, M., Boroujeni, F.Z.: The ddos attacks detection through machine learning and statistical methods in sdn. J. Supercomput. 77, 2383–2415 (2021)
Yan, Q., Yu, F.R., Gong, Q., Li, J.: Software-defined networking (sdn) and distributed denial of service (ddos) attacks in cloud computing environments: a survey, some research issues, and challenges. IEEE Commun. Surv. Tutor. 18(1), 602–622 (2015)
Xu, Y., Liu, Y.: Ddos attack detection under sdn context. In: IEEE INFOCOM 2016-the 35th Annual IEEE International Conference on Computer Communications, pp. 1–9 (2016). IEEE
Hnamte, V., Najar, A.A., Nhung-Nguyen, H., Hussain, J., et al.: Ddos attack detection and mitigation using deep neural network in sdn environment. Comput. Secur. 138, 103661 (2023)
Hazman, C., Guezzaz, A., Benkirane, S., Azrour, M.: lids-sioel: intrusion detection framework for iot-based smart environments security using ensemble learning. Clust. Comput. 26(6), 4069–4083 (2023)
Shukla, P., Krishna, C.R., Patil, N.V.: Eiot-ddos: embedded classification approach for iot traffic-based ddos attacks. Clust. Comput. 27, 1–20 (2023)
Singh, J., Behal, S.: Detection and mitigation of ddos attacks in sdn: a comprehensive review, research challenges and future directions. Comput. Sci. Rev. 37, 100279 (2020)
Tan, L., Pan, Y., Wu, J., Zhou, J., Jiang, H., Deng, Y.: A new framework for ddos attack detection and defense in sdn environment. IEEE Access 8, 161908–161919 (2020)
Saha, R., Malviya, L., Jadhav, A., Dangi, R.: Early stage hiv diagnosis using optimized ensemble learning technique. Biomed. Signal Proc. Control 89, 105787 (2024)
Bhayo, J., Jafaq, R., Ahmed, A., Hameed, S., Shah, S.A.: A time-efficient approach toward ddos attack detection in iot network using sdn. IEEE Internet Things J. 9(5), 3612–3630 (2021)
Bawany, N.Z., Shamsi, J.A., Salah, K.: Ddos attack detection and mitigation using sdn: methods, practices, and solutions. Arabian J. Sci. Eng. 42, 425–441 (2017)
Rahman, O., Quraishi, M.A.G., Lung, C.-H.: Ddos attacks detection and mitigation in sdn using machine learning. In: 2019 IEEE World Congress on Services (SERVICES), vol. 2642, pp. 184–189 (2019). IEEE
Kalkan, K., Altay, L., Gür, G., Alagöz, F.: Jess: joint entropy-based ddos defense scheme in sdn. IEEE J. Selected Areas Commun. 36(10), 2358–2372 (2018)
Lima, N.A., Fernandez, M.P.: Towards an efficient ddos detection scheme for software-defined networks. IEEE Latin Am. Trans. 16(8), 2296–2301 (2018)
Kumar, P., Tripathi, M., Nehra, A., Conti, M., Lal, C.: Safety: early detection and mitigation of tcp syn flood utilizing entropy in sdn. IEEE Trans. Network Serv. Manag. 15(4), 1545–1559 (2018)
Xu, Y., Sun, H., Xiang, F., Sun, Z.: Efficient ddos detection based on k-fknn in software defined networks. IEEE Access 7, 160536–160545 (2019)
Wang, Y., Hu, T., Tang, G., Xie, J., Lu, J.: Sgs: safe-guard scheme for protecting control plane against ddos attacks in software-defined networking. IEEE Access 7, 34699–34710 (2019)
Wang, S., Balarezo, J.F., Chavez, K.G., Al-Hourani, A., Kandeepan, S., Asghar, M.R., Russello, G.: Detecting flooding ddos attacks in software defined networks using supervised learning techniques. Eng. Sci. Technol. Int. J. 35, 101176 (2022)
Singh, A., Kaur, H., Kaur, N.: A novel ddos detection and mitigation technique using hybrid machine learning model and redirect illegitimate traffic in sdn network. Clust. Comput. (2023). https://doi.org/10.1007/s10586-023-04152-1
Aziz, N.A., Mantoro, T., Khairudin, M.A., et al.: Software defined networking (sdn) and its security issues. In: 2018 International Conference on Computing, Engineering, and Design (ICCED), pp. 40–45 (2018). IEEE
Ahuja, N., Singal, G., Mukhopadhyay, D.: Ddos attack sdn dataset. Mendeley Data 1, 17632 (2020)
Gaur, V., Kumar, R.: Analysis of machine learning classifiers for early detection of ddos attacks on iot devices. Arabian J. Sci. Eng. 47(2), 1353–1374 (2022)
Gaur, M.V., Kumar, R.: Hpddos: a hyperparameter model for detection of multiclass ddos attacks. Math. Stat. Eng. Appl. 71(3s2), 1444–1470 (2022)
Khashab, F., Moubarak, J., Feghali, A., Bassil, C.: Ddos attack detection and mitigation in sdn using machine learning. In: 2021 IEEE 7th International Conference on Network Softwarization (NetSoft), pp. 395–401 (2021). IEEE
Dong, S., Sarem, M.: Ddos attack detection method based on improved knn with the degree of ddos attack in software-defined networks. IEEE Access 8, 5039–5048 (2019)
Alamri, H.A., Thayananthan, V.: Bandwidth control mechanism and extreme gradient boosting algorithm for protecting software-defined networks against ddos attacks. IEEE Access 8, 194269–194288 (2020)
Chen, Y., Pei, J., Li, D.: Detpro: A high-efficiency and low-latency system against ddos attacks in sdn based on decision tree. In: ICC 2019-2019 IEEE International Conference on Communications (ICC), pp. 1–6 (2019). IEEE
Tufa, S.W., Mengstie, M., Gebregziabher, H., Babu, B.R.: Detecting ddos attack using adaptive boosting with software defined network in cloud computing environment. REVISTA GEINTEC-GESTAO INOVACAO E TECNOLOGIAS 11(4), 3485–3494 (2021)
Yu, S., Zhang, J., Liu, J., Zhang, X., Li, Y., Xu, T.: A cooperative ddos attack detection scheme based on entropy and ensemble learning in sdn. EURASIP J. Wireless Commun. Netw. 2021(1), 1–21 (2021)
Behera, G., Nain, N.: Grid search optimization (gso) based future sales prediction for big mart. In: 2019 15th International Conference on Signal-Image Technology & Internet-Based Systems (SITIS), pp. 172–178 (2019). IEEE
Funding
No funding was received for this work.
Author information
Authors and Affiliations
Contributions
Rohit Singh conceptualized the study, designed the research methodology, and supervised the overall project. Rohit Singh, Krishan Pal Sharma conducted the experiments, collected, and analysed the result, and contributed to the writing of the manuscript. Lalit Kumar Awasthi contributed to the literature review, provided critical feedback on the research design, and contributed significantly to drafting and revising the manuscript. All authors contributed to the theoretical framework, conducted statistical analysis, and contributed to the interpretation of the results. They also revised the manuscript critically for important intellectual content.
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no Conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Singh, R., Sharma, K.P. & Awasthi, L.K. A machine learning-based ensemble model for securing the IoT network. Cluster Comput (2024). https://doi.org/10.1007/s10586-024-04519-y
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s10586-024-04519-y