Abstract
As novel technologies continue to reshape the digital era, cyberattacks are also increasingly becoming more commonplace and sophisticated. Distributed denial of service (DDoS) attacks are, perhaps, the most prevalent and exponentially-growing attack, targeting the varied and emerging computational network infrastructures across the globe. This necessitates the design of an efficient and early detection of large-scale sophisticated DDoS attacks. Software defined networks (SDN) point to a promising solution, as a network paradigm which decouples the centralized control intelligence from the forwarding logic. In this work, a deep convolutional neural network (CNN) ensemble framework for efficient DDoS attack detection in SDNs is proposed. The proposed framework is evaluated on a current state-of-the-art Flow-based dataset under established benchmarks. Improved accuracy is demonstrated against existing related detection approaches.
Highlights
The importance of emerging information and communication technology (ICT) solutions and their role in our social and economic lives is undeniable in our current society
A majority of existing datasets used for network intrusion detections systems (NIDS) are mainly comprised of IP traffic, which does not carry purely Flow-based features and attributes, a requirement for Software defined networks (SDN)
PROPOSED deep learning (DL) MODEL’S ARCHITECTURES To demonstrate the potential of DL-algorithms, we propose four DL-based architectures (Ensemble RNN, LSTM, convolutional neural network (CNN) and Hybrid RL)
Summary
The importance of emerging information and communication technology (ICT) solutions and their role in our social and economic lives is undeniable in our current society. A majority of existing datasets used for network intrusion detections systems (NIDS) are mainly comprised of IP traffic, which does not carry purely Flow-based features and attributes, a requirement for SDNs. the comparison of the proposed technique with current state-of-the-art ensembles and hybrid approaches is evaluated using standard metrics/parameters, namely accuracy, precision, recall and f1-score. This work proposes a novel approach to utilize DL-based ensemble and hybrid approaches to detect large-scale DDoS attacks within a Flow-based benchmark dataset, which purely represents software defined networks [11], [12]. 3) Verification of the proposed mechanism against current state of the art deep ensembles and hybrid approaches for DDoS attack detection in SDNs. Demonstration of the scalability and cost-effectiveness of the proposed SDN controller (i.e., control plane) based ensemble framework. Our proposed models demonstrate comparable results on less significant systems
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
