Call for Paper - January 2023 Edition
IJCA solicits original research papers for the January 2023 Edition. Last date of manuscript submission is December 20, 2022. Read More

Machine Learning for Securing SDN based 5G Network

Print
PDF
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Year of Publication: 2021
Authors:
Hassan A. Alamri, Vijey Thayananthan, Javad Yazdani
10.5120/ijca2021921027

Hassan A Alamri, Vijey Thayananthan and Javad Yazdani. Machine Learning for Securing SDN based 5G Network. International Journal of Computer Applications 174(14):9-16, January 2021. BibTeX

@article{10.5120/ijca2021921027,
	author = {Hassan A. Alamri and Vijey Thayananthan and Javad Yazdani},
	title = {Machine Learning for Securing SDN based 5G Network},
	journal = {International Journal of Computer Applications},
	issue_date = {January 2021},
	volume = {174},
	number = {14},
	month = {Jan},
	year = {2021},
	issn = {0975-8887},
	pages = {9-16},
	numpages = {8},
	url = {http://www.ijcaonline.org/archives/volume174/number14/31744-2021921027},
	doi = {10.5120/ijca2021921027},
	publisher = {Foundation of Computer Science (FCS), NY, USA},
	address = {New York, USA}
}

Abstract

The fifth-generation (5G) network supports many systems such as reliable communication in potential applications that require maximum security. Advancement in Software-Defined Networking (SDN) is growing with the emerging network architectures targeted from many servers with the various types of Distributed Denial of Service (DDoS) attackers. When malicious users send DDoS attacks, the SDN based 5G networks face security problems and challenges. Despite the security solutions for preventing DDoS attacks in SDN, securing the SDN controller is one of the challenging problems. The purpose of this research is to analyze the suitable machine learning (ML) for securing the SDN controller targeted by DDoS attacks. This paper proposes a security scheme that includes the ML algorithm, adaptive bandwidth mechanism, and dynamic threshold technique. Therefore, the main focus is on the mitigation scheme of DDoS attacks considered in SDN controller through the ML trained model. In this scheme, the proposed approach uses the best ML as a method for finding security solutions that enhance the security of the SDN controller and network performance. In this method, the Extreme Gradient Boosting (XGBoost) and other ML algorithms were used, which not only enhance the accuracy of the security solutions but also improve the overall network performance.

References

  1. S. Dong, K. Abbas, and R. Jain, “A survey on distributed denial of service (DDoS) attacks in SDN and cloud computing environments,” IEEE Access, vol. 7, pp. 80813–80828, 2019.
  2. S. Singh and S. Prakash, “A survey on the software-defined network based on architecture, issues, and challenges,” 2019 3rd Int. Conf. Comput. Methodol. Commun., no. Iccmc, pp. 568–573, 2019.
  3. K. S. Sahoo et al., “An Evolutionary SVM Model for DDOS Attack Detection in Software Defined Networks,” IEEE Access, vol. 8, pp. 132502–132513, 2020.
  4. T. A. Tang, L. Mhamdi, D. McLernon, S. A. R. Zaidi, M. Ghogho, and F. El Moussa, “DeepIDS: Deep learning approach for intrusion detection in software-defined networking,” Electron., vol. 9, no. 9, pp. 1–18, 2020.
  5. S. Kumar and Md. Mahbubur, “Effects of Machine Learning Approach in Flow-Based,” 2019.
  6. K. S. Sahoo, D. Puthal, M. Tiwary, J. J. P. C. Rodrigues, B. Sahoo, and R. Dash, “An early detection of low rate DDoS attack to SDN based data center networks using information distance metrics,” Futur. Gener. Comput. Syst., vol. 89, pp. 685–697, 2018.
  7. M. Shakil, A. Fuad Yousif Mohammed, R. Arul, A. K. Bashir, and J. K. Choi, “A novel dynamic framework to detect DDoS in SDN using metaheuristic clustering,” Trans. Emerg. Telecommun. Technol., no. February pp. 1–18, 2019.
  8. K. Kalkan, L. Altay, G. Gür, and F. Alagöz, “JESS: joint entropy-based DDoS defense scheme in SDN,” IEEE J. Sel. Areas Commun., vol. 36, no. 10, pp., 2358–2372, 2018.
  9. K. B. Virupakshar, M. Asundi, K. Channal, P. Shettar, S. Patil, and D. G. Narayan, “Distributed Denial of Service (DDoS) Attacks Detection System for OpenStack-based Private Cloud,” Procedia Comput. Sci., vol. 167, no. 2019, pp., 2297–2307, 2020.
  10. K. Bhushan and B. B. Gupta, “Distributed denial of service (DDoS) attack mitigation in a software-defined network (SDN)-based cloud computing environment,” J. Ambient Intell. Humaniz. Comput., vol. 10, no. 5, pp. 1985–1997, 2019.
  11. K. Huang, L. Yang, X. Yang, Y. Xiang, and Y. Y. Tang, "A Low-Cost Distributed Denial-of-Service Attack Architecture," in IEEE Access, vol. 8, pp. 42111-42119, 2020, doi: 10.1109/ACCESS.2020.2977112.
  12. S. Dong, K. Abbas, and R. Jain, “A Survey on Distributed Denial of Service (DDoS) Attacks in SDN and Cloud Computing Environments,” IEEE Access, vol. 7, pp. 80813–80828, 2019.
  13. V. Duddu, “A survey of adversarial machine learning in cyber warfare,” Def. Sci. J., vol. 68, no. 4, pp. 356–366, 2018.
  14. K. Nisar, I. Welch, R. Hassan, A. H. Sodhro, and S. Pirbhulal, “A Survey on the Architecture, Application, and Security of Software Defined Networking,” Internet of Things, vol. 12, p. 100289, 2020.
  15. M. Iqbal, F. Iqbal, F. Mohsin, M. Rizwan, and F. Ahmad, “Security issues in software-defined networking (SDN): Risks, challenges, and potential solutions,” Int. J. Adv. Comput. Sci. Appl., vol. 10, no. 10, pp. 298–303, 2019.
  16. A. Pradhan and R. Mathew, “Solutions to Vulnerabilities and Threats in Software Defined Networking (SDN),” Procedia Comput. Sci., vol. 171, no. 2019, pp., 2581–2589, 2020.
  17. H. S. Abdulkarem and A. Dawod, "DDoS Attack Detection and Mitigation at SDN Data Plane Layer," 2020 2nd Global Power, Energy, and Communication Conference (GPECOM), Izmir, Turkey, 2020, pp. 322-326, doi: 10.1109/GPECOM49333.2020.9247850.
  18. K. K. Karmakar, V. Varadharajan, and U. Tupakula, “Mitigating Attacks in Software Defined Network ( SDN ),” Cluster Comput., 2019.
  19. M. Idhammad, K. Afdel, and M. Belouch, “Detection system of HTTP DDoS attacks in a cloud environment based on information-theoretic entropy and random forest,” Secur. Commun. Networks, vol. 2018, 2018.
  20. J. Cheng, C. Zhang, X. Tang, V. S. Sheng, Z. Dong, and J. Li, “Adaptive DDoS attack detection method based on multiple-kernel learning,” Secur. Commun. Networks, vol. 2018, pp. 1–19, 2018.
  21. A. Raj, A. S. Bhat, L. V. Namboothiri, “Effective threshold defence against DOS attack on SDN controller,” Int. J. Pure Appl. Math., vol. 119, no. 10, pp. 691–698, 2018.
  22. J. David and C. Thomas, “Efficient DDoS flood attack detection using dynamic thresholding on flow-based network traffic,” Comput. Secur., vol. 82, pp. 284–295, 2019.
  23. Z. He and R. B. Lee, “Machine Learning-Based DDoS Attack Detection From Source Side in Cloud,” 2017 IEEE 4th Int. Conf. Cyber Secur. Cloud Comput., pp. 114–120, 2017.
  24. I. Sreeram, V. Praveen, and K. Vuppala, “Applied Computing and Informatics HTTP flood attack detection in application layer using machine learning metrics and bio inspired bat algorithm,” Appl. Comput. Informatics, vol. 15, no. 1, pp. 59–66, 2019.
  25. I. Sofi, A. Mahajan, and V. Mansotra, “Machine Learning Techniques used for the Detection and Analysis of Modern Types of DDoS Attacks,” pp. 1085–1092, 2017.
  26. R. Santos and E. Moreno, “Machine learning algorithms to detect DDoS attacks in SDN,” Concurr. Comput. Pr. Exper., pp. 1–14, 2019.
  27. M. M. Oo, S. Kamolphiwong, T. Kamolphiwong, and S. Vasupongayya, “Advanced support vector machine- (ASVM-) based detection for distributed denial of service (DDoS) attack on software-defined networking (SDN),” Comput. Networks Commun., vol. 2019, pp. 12, 2019.
  28. T. V. Phan and M. Park, “Efficient distributed denial-of-service attack defense in sdn-based cloud,” IEEE Access, vol. 7, pp. 18701–18714, 2019.
  29. Y. Wang, T. Hu, G. Tang, J. Xie, and J. Lu, “SGS: safe-guard scheme for protecting control plane against DDoS attacks in software-defined networking,” IEEE Access, vol. 7, pp. 34699–34710, 2019.
  30. K. S. Arpitha, “Ddos Attacks Using Machine Learning,” J. Xi’an Univ. Archit. Technol., vol. XII, no. IV, pp. 3380–3384, 2020.
  31. D. Zhu and S. Member, “A Flexible SDN-Based Architecture for Identifying and Mitigating Low-Rate DDoS Attacks Using Machine Learning,” pp. 155859–155872, 2020.
  32. V. Deepa, K. M. Sudar, and P. Deepalakshmi, “Detection of DDoS attack on SDN control plane using hybrid machine learning techniques,” 2018 Int. Conf. Smart Syst. Inven. Technol., Icssit, pp. 299–303, 2019.
  33. Z. Chen, F. Jiang, Y. Cheng, X. Gu, W. Liu, and J. Peng, "XGBoost Classifier for DDoS Attack Detection and Analysis in SDN-Based Cloud," 2018 IEEE International Conference on Big Data and Smart Computing (BigComp), Shanghai, 2018, pp. 251-256, doi: 10.1109/BigComp.2018.00044.
  34. Zhang, Chunyu, Danshi Wang, Chuang Song, Lingling Wang, Jianan Song, Luyao Guan, and Min Zhang. "Interpretable learning algorithm based on XGboost for fault prediction in an optical network." In Optical Fiber Communication Conference, pp. Th1F-3. Optical Society of America, 2020.
  35. I. Sharafaldin, A. H. Lashkari, S. Hakak, and A. A. Ghorbani, “Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy,” Proc. - Int. Carnahan Conf. Secur. Technol., vol. 2019-Octob, no. Cic, 2019.
  36. S. Das, D. Venugopal, S. Shiva, and F. T. Sheldon, “Empirical Evaluation of the Ensemble Framework for Feature Selection in DDoS Attack,” no. Ml, pp. 56–61, 2020.
  37. Gong, Changqing, Delong Yu, Liang Zhao, Xiguang Li, and Xianwei Li. "An intelligent trust model for hybrid DDoS detection in software-defined networks." Concurrency and Computation: Practice and Experience 32, no. 16 (2020): e5264.
  38. Alamri, Hassan A., and Vijey Thayananthan. "Bandwidth Control Mechanism and Extreme Gradient Boosting Algorithm for Protecting Software-Defined Networks Against DDoS Attacks." IEEE Access 8 (2020): 194269-194288.

Keywords

Machine learning; Distributed Denial-of-Service; SDN based 5G networks; Security solution; Extreme Gradient Boosting Algorithm (XGBoost)