Najmun Nisa
TPAAD: two‐phase authentication system for denial of service attack detection and mitigation using machine learning in software‐defined network.
Nisa, Najmun; Khan, Adnan Shahid; Ahmad, Zeeshan; Abdullah, Johari
Abstract
Software-defined networking (SDN) has received considerable attention and adoption owing to its inherent advantages, such as enhanced scalability, increased adaptability, and the ability to exercise centralized control. However, the control plane of the system is vulnerable to denial-of-service (DoS) attacks, which are a primary focus for attackers. These attacks have the potential to result in substantial delays and packet loss. In this study, we present a novel system called Two-Phase Authentication for Attack Detection that aims to enhance the security of SDN by mitigating DoS attacks. The methodology utilized in our study involves the implementation of packet filtration and machine learning classification techniques, which are subsequently followed by the targeted restriction of malevolent network traffic. Instead of completely deactivating the host, the emphasis lies on preventing harmful communication. Support vector machine and K-nearest neighbours algorithms were utilized for efficient detection on the CICDoS 2017 dataset. The deployed model was utilized within an environment designed for the identification of threats in SDN. Based on the observations of the banned queue, our system allows a host to reconnect when it is no longer contributing to malicious traffic. The experiments were run on a VMware Ubuntu, and an SDN environment was created using Mininet and the RYU controller. The results of the tests demonstrated enhanced performance in various aspects, including the reduction of false positives, the minimization of central processing unit utilization and control channel bandwidth consumption, the improvement of packet delivery ratio, and the decrease in the number of flow requests submitted to the controller. These results confirm that our Two-Phase Authentication for Attack Detection architecture identifies and mitigates SDN DoS attacks with low overhead.
Citation
NISA, N., KHAN, A.S., AHMAD, Z. and ABDULLAH, J. 2024. TPAAD: two-phase authentication system for denial of service attack detection and mitigation using machine learning in software-defined network. International journal of network management [online], Early View, article number e2258. Available from: https://doi.org/10.1002/nem.2258
Journal Article Type | Article |
---|---|
Acceptance Date | Dec 11, 2023 |
Online Publication Date | Jan 12, 2024 |
Deposit Date | Jan 25, 2024 |
Publicly Available Date | Jan 25, 2024 |
Journal | International journal of network management |
Print ISSN | 1055-7148 |
Electronic ISSN | 1099-1190 |
Publisher | Wiley |
Peer Reviewed | Peer Reviewed |
Article Number | e2258 |
DOI | https://doi.org/10.1002/nem.2258 |
Keywords | Open flow; Distributed denial‐of‐service (DDoS) attacks; SVM; CICDoS 2017 dataset; Mininet, Attack detection; Attack mitigation; Denial‐of‐service attacks (DoS); KNN; RYU controller; Software‐defined networking (SDN); Two‐Phase Authentication |
Public URL | https://rgu-repository.worktribe.com/output/2216588 |
Files
NISA 2024 TPAAD (VOR)
(3.4 Mb)
PDF
Publisher Licence URL
https://creativecommons.org/licenses/by/4.0/
Copyright Statement
© 2024 The Authors. International Journal of Network Management published by John Wiley & Sons Ltd. This is an open access article under the terms of the Creative Commons Attribution License, which permits use, distribution and reproduction in any medium, provided the original work is properly cited.
You might also like
Anomaly detection using deep neural network for IoT architecture.
(2021)
Journal Article
MS-ADS: multistage spectrogram image-based anomaly detection system for IoT security.
(2023)
Journal Article
Lightweight multifactor authentication scheme for NextGen cellular networks.
(2022)
Journal Article
Downloadable Citations
About OpenAIR@RGU
Administrator e-mail: publications@rgu.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search