Abstract

Software Defined Networking (SDN) has many advantages over a traditional network. The great advantage of SDN is that the network control is physically separated from the forwarding devices. SDN can solve many security issues of a legacy network. Nevertheless, SDN has many security vulnerabilities. The biggest issue among SDN vulnerabilities is the Distributed Denial of Service (DDoS) attack. DDoS attacks on SDN have become an important problem, and a variety of methods have been applied for detection and mitigation. The objectives of this paper are to propose a method for detecting DDoS attacks using an SDN-based technique that disturbs legitimate users' activities as little as possible, and to propose the Advanced Support Vector Machine (ASVM) technique as an enhancement of the existing Support Vector Machine (SVM) algorithm to detect DDoS attacks. The ASVM technique is a multiclass classification method consisting of three classes. In this paper, we successfully detect two types of flooding-based DDoS attacks. Our detection technique reduces the training time as well as the testing time by using two key features, namely, the volumetric and the asymmetric features. We evaluate the results by measuring the false alarm rate, the detection rate, and the accuracy. The detection accuracy of our technique is approximately 97% with the fastest training time and testing time.

Highlights

  • Nowadays, networking technologies are gradually developed for advanced infrastructure

  • We have explored three research problems with our proposed technique [3]. The first problem is the extension of the multiclass problem in the Support Vector Machine (SVM) algorithm

  • When traffic arrives at the OpenDaylight controller cluster, it is forwarded via the northbound Application Programming Interface (API) to the Detection of Distributed Denial of Service (DDoS) attack by Advanced Support Vector Machine (ASVM) of the application layer. The packet will be classified as DDoS attack traffic or normal traffic. The components of our proposed framework consist of four modules: traffic generation, traffic data collection, feature extraction, and the classification of attack or normal traffic by the ASVM method


Summary

Introduction

Nowadays, networking technologies are gradually developed for advanced infrastructure. There is a variety of research on detecting DDoS attacks on SDN networks [2]. DDoS real-time detection and the integration of the traffic pattern built in SVM with SDN controller were their future work. The DDoS attack will be detected on the SDN network by using the Advanced Support Vector Machine (ASVM) method. When traffic arrives at the OpenDaylight controller cluster, it is forwarded via the northbound API to the Detection of DDoS attack by ASVM of the application layer. A SYN flooding attack is a type of DoS attack that exploits the normal three-way handshake procedure of a TCP connection to consume the resources of the targeted server and render it unresponsive. Scapy is used for creating the normal traffic packets to be sent to the destination host.

Traffic Data Collection
Feature Extraction
ASVM Classification of Attack or Normal Traffic
11. Evaluation of Prediction Result
12. Conclusion