Najmun Nisa
TPAAD: two‐phase authentication system for denial of service attack detection and mitigation using machine learning in software‐defined network.
Nisa, Najmun; Khan, Adnan Shahid; Ahmad, Zeeshan; Abdullah, Johari
Abstract
Software-defined networking (SDN) has received considerable attention and adoption owing to its inherent advantages, such as enhanced scalability, increased adaptability, and the ability to exercise centralized control. However, the control plane of the system is vulnerable to denial-of-service (DoS) attacks, which are a primary focus for attackers. These attacks have the potential to result in substantial delays and packet loss. In this study, we present a novel system called Two-Phase Authentication for Attack Detection that aims to enhance the security of SDN by mitigating DoS attacks. The methodology utilized in our study involves the implementation of packet filtration and machine learning classification techniques, which are subsequently followed by the targeted restriction of malevolent network traffic. Instead of completely deactivating the host, the emphasis lies on preventing harmful communication. Support vector machine and K-nearest neighbours algorithms were utilized for efficient detection on the CICDoS 2017 dataset. The deployed model was utilized within an environment designed for the identification of threats in SDN. Based on the observations of the banned queue, our system allows a host to reconnect when it is no longer contributing to malicious traffic. The experiments were run on a VMware Ubuntu, and an SDN environment was created using Mininet and the RYU controller. The results of the tests demonstrated enhanced performance in various aspects, including the reduction of false positives, the minimization of central processing unit utilization and control channel bandwidth consumption, the improvement of packet delivery ratio, and the decrease in the number of flow requests submitted to the controller. These results confirm that our Two-Phase Authentication for Attack Detection architecture identifies and mitigates SDN DoS attacks with low overhead.
Citation
NISA, N., KHAN, A.S., AHMAD, Z. and ABDULLAH, J. 2024. TPAAD: two-phase authentication system for denial of service attack detection and mitigation using machine learning in software-defined network. International journal of network management [online], 34(3), article number e2258. Available from: https://doi.org/10.1002/nem.2258
| Journal Article Type | Article |
|---|---|
| Acceptance Date | Dec 11, 2023 |
| Online Publication Date | Jan 12, 2024 |
| Publication Date | Jun 30, 2024 |
| Deposit Date | Jan 25, 2024 |
| Publicly Available Date | Jan 25, 2024 |
| Journal | International journal of network management |
| Print ISSN | 1055-7148 |
| Electronic ISSN | 1099-1190 |
| Publisher | Wiley |
| Peer Reviewed | Peer Reviewed |
| Volume | 34 |
| Issue | 3 |
| Article Number | e2258 |
| DOI | https://doi.org/10.1002/nem.2258 |
| Keywords | Open flow; Distributed denial‐of‐service (DDoS) attacks; SVM; CICDoS 2017 dataset; Mininet, Attack detection; Attack mitigation; Denial‐of‐service attacks (DoS); KNN; RYU controller; Software‐defined networking (SDN); Two‐Phase Authentication of Attack Detection; Machine learning (ML) |
| Public URL | https://rgu-repository.worktribe.com/output/2216588 |
Files
NISA 2024 TPAAD (VOR v1)
(2.5 Mb)
PDF
Publisher Licence URL
https://creativecommons.org/licenses/by/4.0/
Version
Updated 2024-08-26
You might also like
Securing cyber-physical systems with two-level anomaly detection strategy.
(2024)
Presentation / Conference Contribution
MS-ADS: multistage spectrogram image-based anomaly detection system for IoT security.
(2023)
Journal Article
Lightweight multifactor authentication scheme for NextGen cellular networks.
(2022)
Journal Article
Anomaly detection using deep neural network for IoT architecture.
(2021)
Journal Article
Downloadable Citations
About OpenAIR@RGU
Administrator e-mail: publications@rgu.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search