DDoS Detection System Based on Multiple Machine Learning Combination for Software Defined Networking 


Vol. 42,  No. 8, pp. 1581-1590, Aug.  2017
10.7840/kics.2017.42.8.1581


  Abstract

In this paper, we introduce a mechanism based on multiple machine learning algorithms to increase classification performance for network DDoS attack traffic. The proposed combination mechanism focuses on exploiting the advantages of two classification algorithms: Support Vector Machine (SVM) and Decision Tree (DT). SVM takes less time to classify network flows with high accuracy, and DT predicts flows more reliably with pre-learned data mining techniques. We propose a mechanism that combines SVM and DT to handle distributed denial of service attacks and protect network components from resource depletion in Software-Defined Networking. SVM first classifies all flows in the flow tables of the OpenFlow switches. When a classified flow lies near the dividing line in the graph representing the SVM, in the blurred or obscure region where it is difficult to define clearly whether the flow is an attack flow or a normal flow, the final decision is forwarded to DT to detect the attack flow more clearly. After that, the Attack Classifier and Policy Enforcement modules are applied to the flow for attack mitigation and SDN controller protection. In addition, we introduce a new viewpoint on distributed denial of service attacks in Software-Defined Networking. Experiments that can be realized in Software-Defined Networking have proven that the proposed classification combination mechanism has better performance than the existing mechanism. The new SVM-DT combination mechanism is an effective and innovative way to protect the SDN controller and OpenFlow switches from being overloaded when responding to distributed denial of service attacks.
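The SVM-first, DT-on-ambiguity routing described in the abstract, as an added example that is not the paper's code. A small hinge-loss linear classifier and a depth-1 tree stand in for the SVM and DT; the two features, the training flows and the margin band of 1.0 are constructed assumptions.

```python
# Added illustration: every feature, flow and threshold here is constructed.
# A flow is (packet_rate, byte_rate), both scaled to [0, 1]; +1 = attack, -1 = normal.
TRAIN = [((0.10, 0.20), -1), ((0.25, 0.10), -1), ((0.30, 0.30), -1), ((0.15, 0.05), -1),
         ((0.80, 0.70), +1), ((0.90, 0.85), +1), ((0.70, 0.95), +1), ((0.85, 0.60), +1)]

def train_linear(data, epochs=1000):
    """Hinge-loss linear classifier (stand-in for the SVM): update while y*f(x) < 1."""
    w, b = [0.0, 0.0], 0.0
    for _ in range(epochs):
        updated = False
        for x, y in data:
            if y * (w[0] * x[0] + w[1] * x[1] + b) < 1:
                w = [w[0] + y * x[0], w[1] + y * x[1]]
                b += y
                updated = True
        if not updated:  # every training flow now lies outside the margin
            break
    return w, b

def train_stump(data):
    """Depth-1 decision tree (stand-in for the DT): best single feature/threshold split."""
    best = None
    for f in range(2):
        values = sorted({x[f] for x, _ in data})
        for lo, hi in zip(values, values[1:]):
            thr = (lo + hi) / 2
            errors = sum((1 if x[f] > thr else -1) != y for x, y in data)
            if best is None or errors < best[0]:
                best = (errors, f, thr)
    return best[1], best[2]

W, B = train_linear(TRAIN)
STUMP_FEATURE, STUMP_THRESHOLD = train_stump(TRAIN)

def svm_score(x):
    """Signed decision value; its magnitude shows how far the flow is from the boundary."""
    return W[0] * x[0] + W[1] * x[1] + B

def classify(x, band=1.0):
    """SVM decides flows outside the margin band; flows inside it are deferred to the tree."""
    score = svm_score(x)
    if abs(score) >= band:
        return ("attack" if score > 0 else "normal"), "svm"
    label = "attack" if x[STUMP_FEATURE] > STUMP_THRESHOLD else "normal"
    return label, "dt"

if __name__ == "__main__":
    for flow in [(0.90, 0.85), (0.10, 0.20), (0.50, 0.50)]:
        print(flow, round(svm_score(flow), 3), classify(flow))
```

The second element of the returned pair records which stage made the decision, which is useful for measuring how much traffic actually reaches the slower DT stage.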



  Cite this article

[IEEE Style]

Y. Kim, D. Choi, T. P.Van, M. T. Long, M. Park, "DDoS Detection System Based on Multiple Machine Learning Combination for Software Defined Networking," The Journal of Korean Institute of Communications and Information Sciences, vol. 42, no. 8, pp. 1581-1590, 2017. DOI: 10.7840/kics.2017.42.8.1581.

[ACM Style]

Young-pin Kim, Dong-ho Choi, Trung P.Van, Mai Tieu Long, and Min-ho Park. 2017. DDoS Detection System Based on Multiple Machine Learning Combination for Software Defined Networking. The Journal of Korean Institute of Communications and Information Sciences, 42, 8, (2017), 1581-1590. DOI: 10.7840/kics.2017.42.8.1581.

[KICS Style]

Young-pin Kim, Dong-ho Choi, Trung P.Van, Mai Tieu Long, Min-ho Park, "DDoS Detection System Based on Multiple Machine Learning Combination for Software Defined Networking," The Journal of Korean Institute of Communications and Information Sciences, vol. 42, no. 8, pp. 1581-1590, 8. 2017. (https://doi.org/10.7840/kics.2017.42.8.1581)