Machine Learning Based Two Phase Detection and Mitigation Authentication Scheme for Denial-of-Service Attacks in Software Defined Networks

Bibliographic Details
Main Author: Najmun, Najmun
Format: Thesis
Language: English
Published: UNIMAS 2024
Online Access: http://ir.unimas.my/id/eprint/49903/
Description
Summary: Computer networks are becoming increasingly important to the delivery of modern society's basic services. As a result of this growing dependence, traffic and users worldwide have also grown. Software Defined Networking (SDN) is therefore one of the solutions administrators are employing to handle this expansion. Traditional distributed networking is replaced with SDN's more programmable centralised solution, which is built around the SDN controller. This enables administrators to respond more rapidly to fluctuating network conditions. However, this flexible architecture makes SDN vulnerable to different attacks such as Denial of Service (DoS)/Distributed Denial of Service (DDoS), Man in the Middle (MITM), spoofing and intrusion. Among these, DoS attacks have the most severe impact because they can overwhelm the most important parts of SDN, straining switch memory, CPU utilization and control channel bandwidth, which can result in slower speed, more dropped packets, and less accurate detection. Due to its centralized control plane architecture, SDN is vulnerable to DoS/DDoS attacks, which can compromise the entire network. To improve SDN's resilience and performance, early detection, mitigation strategies, and structured approaches are necessary. In this research, a Two-Phase Authentication of Attack Detection (TPAAD) scheme is proposed and investigated for the detection and mitigation of DoS attacks in SDN, to improve performance with respect to the above-mentioned issues. This scheme incorporates machine learning techniques, utilizing Support Vector Machine (SVM) and K-Nearest Neighbors (KNN) classification algorithms to accurately identify and handle malicious network traffic following the initial packet filtration process that identifies abnormal traffic.
Through effective separation of benign from harmful packet flows, this method lessens the burden on the control plane while preserving communication bandwidth. The results of the tests indicated increased performance in terms of fewer false positives, less CPU utilisation, less control channel bandwidth used, higher packet delivery ratio, and fewer flow requests made to the controller, with 99.56% detection accuracy as compared to selected benchmarks. These findings demonstrate that the TPAAD scheme is more secure and effective than current approaches, operating efficiently and with little overhead. Specifically, it can accurately identify and mitigate DoS attacks in SDN.