SDN-based DDoS Attack Mitigation Scheme using Convolution Recursively Enhanced Self Organizing Maps

Abstract

In a cloud computing environment, the Distributed Denial of Service (DDoS) attack is considered as the crucial issue that needs to be addressed in ensuring the availability of resources that emerge due to the compromisation of hosts. The process of detecting and preventing DDoS attacks is determined to be predominant when the potential benefits of decoupling data plane from the control plane are facilitated through the Software Defined Networking (SDN) in the cloud environment. The incorporation of SDN in DDoS mitigation also enhances the probability of investigating the data traffic flow using the reactive process of updating forwarding rules, analyzing the network with a global view and centralized control in monitoring for better DDoS mitigation enforcement. In this paper, a Convolution Recursively Enhanced Self Organizing Map and Software Defined Networking-based Mitigation Scheme (CRESOM-SDNMS) is proposed for ensuring the better rate of detection during the process of preventing DDoS attacks in clouds. This proposed CRESOM-SDNMS facilitates a predominant option in resolving the issue of vector quantization with enhanced topology preservation and the superior initialization mechanism during the process of SOM-based categorization of flooded data traffic flows into genuine and malicious. The simulation experiments and results of the proposed CRESOM-SDNMS confirmed a superior classification accuracy of around 21% when compared to the existing systems with minimized False Positive rate of 19% compared to the benchmarked DDoS mitigation schemes of the literature.