Feature-based real-time distributed denial of service detection in SDN using machine learning and Spark

Sama Salam Samaan, Hassan Awheed Jeiad

Abstract


Recently, software defined networking (SDN) has been deployed extensively in diverse practical domains, providing a new direction in network management by separating the control plane from the data plane. Nevertheless, SDN is vulnerable to distributed denial of service (DDoS) attacks resulting from its centralized controller. Several studies have been suggested to address the DDoS attacks in SDN utilizing machine learning approaches. However, these approaches are resource-intensive and cause performance degradation since they cannot perform effectively in large-scale SDN networks that generate vast traffic statistics. To handle all these challenges, we build a DDoS attack detection model in SDN using Spark as a big data tool to overcome the limitations of conventional data processing methods. Four machine learning algorithms are employed. The decision tree (DT) is elected to be used for real-time deployment based on the performance results, which indicates that it has the best accuracy of 0.936. The model performance is compared with state-of-the-art and shows an overall better performance.


Keywords


Big data; Distributed denial of service detection; Machine learning; Software defined networking; Spark

Full Text:

PDF


DOI: https://doi.org/10.11591/eei.v12i4.4711

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Bulletin of EEI Stats

Bulletin of Electrical Engineering and Informatics (BEEI)
ISSN: 2089-3191, e-ISSN: 2302-9285
This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).