Skip to main content
SpringerLink
Log in

An efficient DDoS attack detection mechanism in SDN environment

  • Original Research
  • Published:
International Journal of Information Technology Aims and scope Submit manuscript

Abstract

Traditional intrusion detection systems are insufficient to identify recent and modern sophisticated attempts with unpredictable patterns. The ability to reliably detect modern cyberattacks is vital. Current machine learning-based intrusion detection methods in the field of information technology cannot keep up with the exponential growth of network data and features. For the optimum and decreasing selection of high-dimensional incursion characteristics, deep convolutional neural networks (DCNN) can be an efficient approach. Traditional convolutional neural networks (CNN) are still limited to several parameters and are susceptible to local optimality. In this paper, we propose a DCNN model to detect attacks and test it on a Software Defined Network (SDN) environment. We use the InSDN dataset, specifically developed for the SDN environment. Additionally, the model has been trained using the CIC-IDS2017 and the CIC-DDoS2019 datasets to demonstrate the applicability of the model. Our model outperforms most of the recent attack detection methods and could achieve a 99.99% accuracy rate with only a 0.0016 loss rate.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

Data availability

The authors confirm that the dataset supporting the results of this study is available within the article on the reference number. Publicly available IDS datasets were used in this study. These datasets can be downloaded from https://aseados.ucd.ie/datasets/SDN/, https://www.unb.ca/cic/datasets/ids-2017.html and https://www.unb.ca/cic/datasets/ddos-2019.html.

Code availability

Evaluation and Experimental source code will be made available upon acceptance.

Notes

  1. https://aseados.ucd.ie/datasets/SDN/.

  2. https://www.unb.ca/cic/datasets/ids-2017.html.

  3. https://www.unb.ca/cic/datasets/ddos-2019.html.

  4. https://scikit-learn.org/stable/.

  5. https://jupyter.org/.

  6. http://mininet.org/.

  7. https://www.openvswitch.org/.

References

  1. Novaes MP, Carvalho LF, Lloret J, Proença ML (2021) Adversarial deep learning approach detection and defense against DDoS attacks in SDN environments. Future Gener Comput Syst 125:156–167. https://doi.org/10.1016/j.future.2021.06.047

    Article  Google Scholar 

  2. Kim J, Kim J, Kim H, Shim M, Choi E (2020) CNN-based network intrusion detection against denial-of-service attacks. Electronics 9(6):916. https://doi.org/10.3390/electronics9060916

    Article  Google Scholar 

  3. Das T, Sridharan V, Gurusamy M (2020) A survey on controller placement in SDN. IEEE Commun Surv Tutor 22(1):472–503. https://doi.org/10.1109/COMST.2019.2935453

    Article  Google Scholar 

  4. Chica JCC, Imbachi JC, Vega JFB (2020) Security in SDN: a comprehensive survey. J Netw Comput Appl 159:102595. https://doi.org/10.1016/j.jnca.2020.102595

    Article  Google Scholar 

  5. Hussain J, Hnamte V (2021) Deep learning based intrusion detection system: software defined network. In: 2021 Asian Conference on Innovation in Technology (ASIANCON), pp 1–6. https://doi.org/10.1109/ASIANCON51346.2021.9544913

  6. Hatcher WG, Yu W (2018) A survey of deep learning: platforms, applications and emerging research trends. IEEE Access 6:24411–24432. https://doi.org/10.1109/ACCESS.2018.2830661

    Article  Google Scholar 

  7. Dridi L, Zhani MF (2016) SDN-Guard: DoS attacks mitigation in SDN networks. In: 2016 5th IEEE International Conference on cloud networking (Cloudnet), pp 212–217. https://doi.org/10.1109/CloudNet.2016.9

  8. Bhushan K, Gupta BB (2019) Distributed denial of service (DDoS) attack mitigation in software defined network (SDN)-based cloud computing environment. J Ambient Intell Humaniz Comput 10(5):1985–1997. https://doi.org/10.1007/s12652-018-0800-9

    Article  Google Scholar 

  9. Niyaz Q, Sun W, Javaid AY (2017) A deep learning based DDoS detection system in software-defined networking (SDN). EAI Endorsed Trans Secur Saf. https://doi.org/10.4108/eai.28-12-2017.153515

    Article  Google Scholar 

  10. Hussain J, Hnamte V (2021) A novel deep learning based intrusion detection system : software defined network. In: 2021 International Conference on innovation and intelligence for informatics, computing, and technologies (3ICT), p 506–511. https://doi.org/10.1109/3ICT53449.2021.9581404

  11. Wang H, Li W (2021) DDosTC: a transformer-based network attack detection hybrid mechanism in SDN. Sensors 21(15):5047. https://doi.org/10.3390/s21155047

    Article  Google Scholar 

  12. Choobdar P, Naderan M, Naderan M (2022) Detection and multi-class classification of intrusion in software defined networks using stacked auto-encoders and cicids2017 dataset. Wirel Pers Commun 123(1):437–471. https://doi.org/10.1007/s11277-021-09139-y

    Article  Google Scholar 

  13. Tang TA, Mhamdi L, McLernon D, Zaidi SAR, Ghogho M (2018) Deep recurrent neural network for intrusion detection in SDN-based networks. In: 2018 4th IEEE Conference on network softwarization and workshops (NetSoft), p 202–206. https://doi.org/10.1109/NETSOFT.2018.8460090

  14. Abubakar A, Pranggono B (2017) Machine learning based intrusion detection system for software defined networks. In: 2017 Seventh International Conference on emerging security technologies (EST), p 138–143. https://doi.org/10.1109/EST.2017.8090413

  15. Arora A, Gosain A (2021) Intrusion detection system for data warehouse with second level authentication. Int J Inf Technol 13:877–887. https://doi.org/10.1007/s41870-021-00659-1

    Article  Google Scholar 

  16. Biswas P, Samanta T (2021) Anomaly detection using ensemble random forest in wireless sensor network. Int J Inf Technol 13(5):2043–2052. https://doi.org/10.1007/s41870-021-00717-8

    Article  Google Scholar 

  17. Palumbo F, Gallicchio C, Pucci R, Micheli A (2016) Human activity recognition using multisensor data fusion based on reservoir computing. J Ambient Intell Smart Environ 8(2):87–107. https://doi.org/10.3233/ais-160372

    Article  Google Scholar 

  18. Tripathi KN, Yadav AM, Sharma S (2022) DDOS: data dissemination with optimized and secured path using modified particle swarm optimization in vehicular communication network (vcn). Int J Inf Technol 14:1855–1868. https://doi.org/10.1007/s41870-021-00783-y

    Article  Google Scholar 

  19. Najar AA, Manohar Naik S (2022) Ddos attack detection using mlp and random forest algorithms. Int J Inf Technol 14(5):2317–2327. https://doi.org/10.1007/s41870-022-01003-x

    Article  Google Scholar 

  20. Tinubu C, Sodiya A, Ojesanmi O, Adeleke E, Adebowale A (2022) Dt-model: a classification model for distributed denial of service attacks and flash events. Int J Inf Technol 14(6):3077–3087. https://doi.org/10.1007/s41870-022-00946-5

    Article  Google Scholar 

  21. Song D, Yuan X, Li Q, Zhang J, Sun M, Fu X, Yang L (2023) Intrusion detection model using gene expression programming to optimize parameters of convolutional neural network for energy internet. Appl Soft Comput 134:109960. https://doi.org/10.1016/j.asoc.2022.109960

    Article  Google Scholar 

  22. Wong KKL, Fortino G, Abbott D (2020) Deep learning-based cardiovascular image diagnosis: a promising challenge. Future Gener Comput Syst 110:802–811. https://doi.org/10.1016/j.future.2019.09.047

    Article  Google Scholar 

  23. Diro AA, Chilamkurti N (2018) Distributed attack detection scheme using deep learning approach for internet of things. Future Gener Comput Syst 82:761–768. https://doi.org/10.1016/j.future.2017.08.043

    Article  Google Scholar 

  24. Elsayed MS, Le-Khac N-A, Jurcut AD (2020) InSDN: a novel SDN intrusion dataset. IEEE Access 8:165263–165284. https://doi.org/10.1109/ACCESS.2020.3022633

    Article  Google Scholar 

  25. Sharafaldin I, Lashkari AH, Ghorbani AA (2018) Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp 1:108–116. https://doi.org/10.5220/0006639801080116

    Article  Google Scholar 

  26. Panigrahi R, Borah S (2018) A detailed analysis of CICIDS2017 dataset for designing intrusion detection systems. Int J Eng Technol 7(3.24):479–482. https://doi.org/10.14419/ijet.v7i3.24.22797

    Article  Google Scholar 

  27. Sharafaldin I, Lashkari AH, Hakak S, Ghorbani AA (2019) Developing Realistic Distributed Denial of Service (DDoS) Attack Dataset and Taxonomy. In: 2019 International Carnahan Conference on Security Technology (ICCST), p 1–8. https://doi.org/10.1109/CCST.2019.8888419

  28. Powers D (2011) Evaluation: from precision, recall and F-measure to ROC, informedness, markedness & correlation. J Mach Learn Technol 2(1):37–63. https://doi.org/10.48550/arXiv.2010.16061

    Article  MathSciNet  Google Scholar 

Download references

Acknowledgements

The authors wish to thanks Mizoram University for all the support and motivation for this research.

Author information

Authors and Affiliations

  1. Department of Mathematics and Computer Science, Mizoram University, Tanhril, Aizawl, Mizoram, 796004, India

    Vanlalruata Hnamte & Jamal Hussain

Authors
  1. Vanlalruata Hnamte
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jamal Hussain
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

Conceptualization, VH and JH; methodology, VH and JH; software, VH; validation, VH and JH; formal analysis, VH; investigation, VH; resources, VH; data curation, VH; writing—original draft preparation, VH; writing—review and editing, VH, JH; visualization, VH; supervision, JH; project administration, JH.

Corresponding author

Correspondence to Vanlalruata Hnamte.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Hnamte, V., Hussain, J. An efficient DDoS attack detection mechanism in SDN environment. Int. j. inf. tecnol. 15, 2623–2636 (2023). https://doi.org/10.1007/s41870-023-01332-5

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s41870-023-01332-5

Keywords

Search

Navigation