Abstract
Software-defined networking (SDN) has emerged in recent years as a form of Internet architecture. Its scalability, dynamics, and programmability simplify the traditional Internet structure. This architecture realizes centralized management by separating the control plane and the data-forwarding plane of the network. However, due to this feature, SDN is more vulnerable to attacks than traditional networks and can cause the entire network to collapse. DDoS attacks, also known as distributed denial-of-service attacks, are the most aggressive of all attacks. These attacks generate many packets (or requests) and ultimately overwhelm the target system, causing it to crash. In this article, we designed a hybrid neural network DDosTC structure, combining efficient and scalable transformers and a convolutional neural network (CNN) to detect distributed denial-of-service (DDoS) attacks on SDN, tested on the latest dataset, CICDDoS2019. For better verification, several experiments were conducted by dividing the dataset and comparisons were made with the latest deep learning detection algorithm applied in the field of DDoS intrusion detection. The experimental results show that the average AUC of DDosTC is 2.52% higher than the current optimal model and that DDosTC is more successful than the current optimal model in terms of average accuracy, average recall, and F1 score.
Highlights
With the complexity of network architecture and the rapid growth of the connection requirements of Internet-connected devices, the traditional complex Internet architecture cannot dynamically handle modern network applications
This section introduces the results of experiments with DDoS attack-detection model (DDosTC) and compares our proposed method’s performance with that of the detection methods that have appeared in recent years—recurrent neural network (RNN), gated recurrent unit (GRU), convolutional neural network (CNN), long short-term memory (LSTM), hybrid deep learning (LSTM + GRU), and bidirectional long short-term memory—in terms of accuracy, recall rate, F1 score, AUC, and other aspects of our proposed model
distributed denial-of-service (DDoS) attacks and was a real dataset that was similar to real-life attacks
Summary
Detection Hybrid Mechanism in SDN. Keywords: software-defined networking; transformer; convolutional neural network; DDoS; hybrid model Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. Licensee MDPI, Basel, Switzerland. 4.0/).
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have