Abstract
Today, the Distributed Denial of Service (DDoS) attacks are progressed, which appears in different profiles besides dissimilar standards, in this manner it is very difficult to identify and tackle with these attacks. The fiscal impact of DDoS is extensive, as many business and government organizations are dependent on web-based portals. That is the reason, it is vital to have the option to recognize such risks early and subsequently respond before huge financial losses. Software-defined networking (SDN) is a new high-tech approach to computer networks that practices different software centered controllers to communicate with core hardware devices and live flow of packets in a network. SDN is flexible, which allows the administrator to control, change configuration, provision resources, and increase of capacity of network. This study addresses the early detection and mitigation techniques for DDoS attacks on server utilizing various machine learning models in real time. We have applied SVM with SVC, Decision Tree, Gaussian Naïve Bayes, and Random Forest Algorithm for mitigation and impact analysis of DDoS attacks on server with Ryu-SDN controller. We performed a comparative analysis with these different algorithms for optimizing the performance to minimize the prediction time and maximize the correctness of the datasets and accuracy of the model. Results of this study will help to determine the best possible machine learning algorithm in software-defined networks after performing the impact analysis of the attack by considering expended network metrics. As per the current research and proposed methodology, Decision Tree algorithms performed better in the attack scenario.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Data availability
The dataset used is being created after training the model with given necessary features for detection and mitigation. Data set is available at the: github repository at https://github.com/honeyGocher1/Data-set-for-DDoS-attack-and-mitigation-with-machine-learning-including-used-features..git.
References
Awan MJ, Farooq U, Babar HMA, Yasin A, Nobanee H, Hussain M, Zain AM. Real-time DDoS attack detection system using big data approach. Sustainability. 2021;13(19):10743.
Priya SS, Sivaram M, Yuvaraj D, Jayanthiladevi A. Machine learning based DDoS detection. In: 2020 international conference on emerging smart computing and informatics (ESCI). IEEE; 2020. p. 234–7.
Song J, Lee Y, Choi JW, Gil JM, Han J, Choi SS. Practical in-depth analysis of ids alerts for tracing and identifying potential attackers on darknet. Sustainability. 2017;9(2):262.
Alam TM, Awan MJ. Domain analysis of information extraction techniques. Int J Multidiscip Sci Eng. 2018;9(6).
Koo J, Kang G, Kim YG. Security and privacy in big data life cycle: a survey and open challenges. Sustainability. 2020;12(24):10571.
Gupta M, Jain R, Arora S, Gupta A, Javed Awan M, Chaudhary G, Nobanee H. AI-enabled COVID-19 outbreak analysis and prediction: Indian states vs. union territories. Comput Mater Continua. 2021;67(1):933–50.
Anam M, Hussain M, Nadeem MW, Javed Awan M, Goh HG, Qadeer S. Osteoporosis prediction for trabecular bone using machine learning: a review. Comput Mater Continua. 2021;67(1):89–105.
Nishanth N, Mujeeb A. Modeling and detection of flooding-based denial of service attacks in wireless Ad Hoc networks using uncertain reasoning. IEEE Trans Cogn Commun Netw. 2021;7(3):893–904.
Polat H, Polat O, Cetin A. Detecting DDoS attacks in software-defined networks through feature selection methods and machine learning models. Sustainability. 2020;12(3):1035.
Dantas Silva FS, Silva E, Neto EP, Lemos M, VenancioNeto AJ, Esposito F. A taxonomy of DDoS attack mitigation approaches featured by SDN technologies in IoT scenarios. Sensors. 2020;20(11):3078.
Tan L, Pan Y, Wu J, Zhou J, Jiang H, Deng Y. A new framework for DDoS attack detection and defense in SDN environment. IEEE Access. 2020;8:161908–19.
Giotis K, Argyropoulos C, Androulidakis G, Kalogeras D, Maglaris V. Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Comput Netw. 2014;62:122–36.
Shang G, Zhe P, Bin X, Aiqun H, Kui R. FloodDefender: protecting data and control plane resources under SDN-aimed DoS attacks. In: IEEE INFOCOM 2017-IEEE conference on computer communications. IEEE; 2017. p. 1–9.
Jafarian T, Masdari M, Ghaffari A, Majidzadeh K. A survey and classification of the security anomaly detection mechanisms in software defined networks. Clust Comput. 2021;24(2):1235–53.
Wang H, Xu L, Gu G. Floodguard: a dos attack prevention extension in software-defined networks. In: 2015 45th annual IEEE/IFIP international conference on dependable systems and networks. IEEE; 2015. p. 239–50.
Eliyan LF, Di Pietro R. DoS and DDoS attacks in Software Defined Networks: a survey of existing solutions and research challenges. Futur Gener Comput Syst. 2021;122:149–71.
Bertino E, Islam N. Botnets and internet of things security. Computer. 2017;50(2):76–9.
Guo X, Gao X. A SYN flood attack detection method based on hierarchical multihead self-attention mechanism. Secur Commun Netw. 2022. https://doi.org/10.1155/2022/8515836.
Liu W, Zhang Y, Yu X. A novel subpixel industrial chip detection method based on the dual-edge model for surface mount equipment. IEEE Trans Industr Inf. 2022;19:232–42.
Wang Z, Liu X, He Z, Su L, Lu X. Intelligent detection of flip chip with the scanning acoustic microscopy and the general regression neural network. Microelectron Eng. 2019;217: 111127.
Tayyab SM, Asghar E, Pennacchi P, Chatterton S. Intelligent fault diagnosis of rotating machine elements using machine learning through optimal features extraction and selection. Proc Manuf. 2020;51:266–73.
Sha Y, He Z, Du J, Zhu Z, Lu X. Intelligent detection technology of flip chip based on H-SVM algorithm. Eng Fail Anal. 2022;134: 106032.
Wu F, Liu X, Wang Y, Li X, Zhou M. Research on evaluation model of hospital informatization level based on decision tree algorithm. Secur Commun Networks 2022;2022.
Saurabh S, Roy S, Sairam AS. Extended deterministic edge router marking. Int J Commun Netw Distrib Syst. 2014;13(2):169–86.
Jackins V, Vimal S, Kaliappan M, Lee MY. AI-based smart prediction of clinical disease using random forest classifier and Naive Bayes. J Supercomput. 2021;77(5):5198–219.
Ramadhan NG, Adhinata FD. Sentiment analysis on vaccine COVID-19 using word count and Gaussian Naïve Bayes. Indonesian J Electr Eng Comput Sci. 2022;26(3):1765–72.
Fadlil A, Riadi I, Aji S. Ddos attacks classification using numeric attribute-based gaussian naive bayes. Int J Adv Comput Sci Appl. 2017. https://doi.org/10.14569/IJACSA.2017.080806.
Bains JK, Kaki KK, Sharma K. Intrusion detection system with multi layer using Bayesian networks. Int J Comput Appl. 2013;67(5).
Abdulqadder IH, Zou D, Aziz IT, Yuan B. Modeling software defined security using multi-level security mechanism for SDN environment. In: 2017 IEEE 17th international conference on communication technology (ICCT). IEEE; 2017. p. 1342–6.
Wang R, Jia Z, Ju L. An entropy-based distributed DDoS detection mechanism in software-defined networking. In: 2015 IEEE Trustcom/BigDataSE/ISPA, vol. 1. IEEE. 2015. p. 310–17.
Lee K, Kim J, Kwon KH, Han Y, Kim S. DDoS attack detection method using cluster analysis. Expert Syst Appl. 2008;34(3):1659–65.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors affirm that they have no known financial or interpersonal conflicts that would have seemed to have an impact on the research presented in this study.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article is part of the topical collection “Industrial IoT and Cyber-Physical Systems” guest edited by Arun K Somani, Seeram Ramakrishnan, Anil Chaudhary and Mehul Mahrishi.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Gocher, H., Taterh, S. & Dadheech, P. Impact Analysis to Detect and Mitigate Distributed Denial of Service Attacks with Ryu-SDN Controller: A Comparative Analysis of Four Different Machine Learning Classification Algorithms. SN COMPUT. SCI. 4, 456 (2023). https://doi.org/10.1007/s42979-023-01842-w
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s42979-023-01842-w