Software-defined networking (SDN) revolutionizes network management by decoupling control and data planes, enabling centralized control and dynamic policy enforcement. However, this centralized architecture introduces security vulnerabilities, making SDN controllers a prime target for Distributed Denial-of-Service (DDoS) attacks. These attacks flood the controller with malicious traffic, exhausting resources and causing network disruptions. To improve the accuracy of DDoS detection, the research work employed three distinct feature selection approaches: SelectKBest, ANOVA (Analysis of Variance) F-value scoring, and feature significance evaluation using RFC (Random Forest Classifier). These methods were utilized to determine the 10 most significant features from an initial set of 83. This refinement process enhances model performance by minimizing computational overhead while ensuring that critical attack-related features are preserved. This model proposes an LLM-based (Large Language Model) approach for DDoS detection in SDN, utilizing BERT (Bidirectional Encoder Representations from Transformers), RoBERTa (Robustly Optimized BERT Pretraining Approach), and F-Net (Fourier Transform-based Neural Network). These models leverage contextual learning and adaptive reasoning to detect threats with minimal training data. The effectiveness of the proposed approach was analyzed using the InSDN dataset and a network-emulated dataset from Mininet. Experimental results demonstrate that F-Net outperforms BERT and RoBERTa, achieving 99% accuracy on the InSDN dataset and 99.33% on real-time emulated traffic using Mininet. These findings underscore the effectiveness of LLMs in fortifying SDN security, offering a robust and scalable solution to mitigate evolving cyber threats.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

DDoS Attacks Detection in SDN Using Multi-feature Selection Approach and LLMs

  • Amit Kachavimath,
  • Satish Vaishyar,
  • Ayush Chugani,
  • Pratham Singh,
  • Sanjana A. More

摘要

Software-defined networking (SDN) revolutionizes network management by decoupling control and data planes, enabling centralized control and dynamic policy enforcement. However, this centralized architecture introduces security vulnerabilities, making SDN controllers a prime target for Distributed Denial-of-Service (DDoS) attacks. These attacks flood the controller with malicious traffic, exhausting resources and causing network disruptions. To improve the accuracy of DDoS detection, the research work employed three distinct feature selection approaches: SelectKBest, ANOVA (Analysis of Variance) F-value scoring, and feature significance evaluation using RFC (Random Forest Classifier). These methods were utilized to determine the 10 most significant features from an initial set of 83. This refinement process enhances model performance by minimizing computational overhead while ensuring that critical attack-related features are preserved. This model proposes an LLM-based (Large Language Model) approach for DDoS detection in SDN, utilizing BERT (Bidirectional Encoder Representations from Transformers), RoBERTa (Robustly Optimized BERT Pretraining Approach), and F-Net (Fourier Transform-based Neural Network). These models leverage contextual learning and adaptive reasoning to detect threats with minimal training data. The effectiveness of the proposed approach was analyzed using the InSDN dataset and a network-emulated dataset from Mininet. Experimental results demonstrate that F-Net outperforms BERT and RoBERTa, achieving 99% accuracy on the InSDN dataset and 99.33% on real-time emulated traffic using Mininet. These findings underscore the effectiveness of LLMs in fortifying SDN security, offering a robust and scalable solution to mitigate evolving cyber threats.