Enhanced Attacks Detection and Mitigation in Software Defined Networks

Abstract

Purpose: The main aim of this research project was to develop a security simulation and mitigation mechanism for Software Defined Networking (SDN) deploying machine learning algorithms. Materials and Methods: Applied research method was used whereby attacks were initially detected and classified using machine learning algorithms on the CiCDDoS2019 dataset; next a SDN virtual network was created through simulation in Mininet plus captured network data from the environment and finally applied machine learning algorithms to detect and mitigate the attacks in case of an attack occurrence. Findings: Results showed higher rates of attack detection and lower false positive rates. Hence our system could be used in real life environments for attack detection and mitigation. However, the conditions and networks traffic would be different per the network configurations and tasks performed in the network environment Implications to Theory, Practice and Policy: Based on the findings and knowledge acquired, some key recommendations for successful implementation of an Enhanced attack and detection scheme in SDN include: Use deep learning and ensemble learning as the system will have an awareness of its state and hence have better accuracy and less false alarm rates, conducting thorough feature analysis and selection based on statistical techniques, correlation analysis, and domain knowledge, experimenting with multiple algorithms like deep neural networks, ensemble learning algorithms, optimizing the system to minimize computational overhead and ensure real-time processing, performing the study on a real world sdn environment to ensure proper knowledge of the data flow patterns in real world environments and use multiple datasets in the implementation of the system.