The controller is the central individual of software-defined networking (SDN), having a whole view of the network environment and being critical to the traffic flow’s decision-making due to its information. This makes it a crucial point for attackers to send traffic towards it; this can severely impact the entire network. To protect the controller and for providing constant availability and connectivity, the ensemble of deep learning (DL) methods, long short-term memory (LSTM), and gated recurrent unit (GRU) networks is proposed in this research. Integrating the advantages of both LSTM and GRU, this hybrid model improves the effectiveness of distributed denial of service (DDoS) anomaly detection and prevention. LSTM is especially known for its memory for long-term dependencies, while GRU has fewer parameters which makes the training process faster, making this proposed attack detection system more effective. The ensemble model identifies more temporal features and dependency patterns of traffic in the network and increases the accuracy and stability of DoS attacks. The evaluation of the proposed approach using the InSDN dataset shows that this ensemble approach yields higher detection rates compared to single models and other challenge solutions. The final results obtained when evaluated on InSDN dataset have shown that the accuracy of attack detection is 99.987% at the detection rate of 99.984%, which is more effective and offers significant improvement in protecting the SDN controllers from advanced cyber threats.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Distributed Denial of Service Anomaly Detection in Software Defined Networks Using an Ensemble of Deep Learning Methods

  • Mohammed Al-Farouni,
  • Phaneendra Babu Bobba

摘要

The controller is the central individual of software-defined networking (SDN), having a whole view of the network environment and being critical to the traffic flow’s decision-making due to its information. This makes it a crucial point for attackers to send traffic towards it; this can severely impact the entire network. To protect the controller and for providing constant availability and connectivity, the ensemble of deep learning (DL) methods, long short-term memory (LSTM), and gated recurrent unit (GRU) networks is proposed in this research. Integrating the advantages of both LSTM and GRU, this hybrid model improves the effectiveness of distributed denial of service (DDoS) anomaly detection and prevention. LSTM is especially known for its memory for long-term dependencies, while GRU has fewer parameters which makes the training process faster, making this proposed attack detection system more effective. The ensemble model identifies more temporal features and dependency patterns of traffic in the network and increases the accuracy and stability of DoS attacks. The evaluation of the proposed approach using the InSDN dataset shows that this ensemble approach yields higher detection rates compared to single models and other challenge solutions. The final results obtained when evaluated on InSDN dataset have shown that the accuracy of attack detection is 99.987% at the detection rate of 99.984%, which is more effective and offers significant improvement in protecting the SDN controllers from advanced cyber threats.