COMPARISON OF MACHINE LEARNING TECHNIQUES FOR CLASSIFICATION OF DISTRIBUTED DENIAL OF SERVICE ATTACKS BASED ON FEATURE ENGINEERING IN SDN-BASED NETWORKS

Muhammad Ikhwananda Rizaldi
Didih Rizki Chandranegara - [ https://orcid.org/0000-0002-9026-0863 ]
Denar Regata Akbi - [ https://orcid.org/0000-0001-9832-609X ]


DOI: https://doi.org/10.29100/jipi.v9i3.5262

Abstract


Distributed Denial-of-Service (DDoS) attacks present a noteworthy cybersecurity hazard to software-defined networks (SDNs). This investigation presents an approach that depends on feature engineering and machine learning to discern DDoS attacks in SDNs. Initially, the dataset acquired from Kaggle goes through cleansing and normalization procedures, and the optimal subset of features is determined by employing the Correlation-based Feature Selection (CFS) algorithm. Subsequently, the optimal subset of features is trained and evaluated utilizing diverse Machine Learning algorithms, specifically Random Forest (RF), Decision Tree, Adaptive Boosting (AdaBoost), K-Nearest Neighbor (k-NN), Gradient Boosting, Extreme Gradient Boosting (XGBoost), Light Gradient Boosting Machine (LightGBM), and Categorical Boosting (CatBoost). The outcomes demonstrate that XGBoost outperforms the other algorithms in various performance metrics (e.g., accuracy, precision, recall, F1, and AUC values). Furthermore, a comparative analysis was carried out among various models and algorithms, revealing that the technique proposed by the researchers yielded the most favourable outcomes and effectively detected and identified DDoS attacks in SDN. Consequently, this investigation provides a novel perspective and resolution for SDN security.

Keywords


Software-Defined Networking; DDoS Attacks; Feature Engineering; Machine Learning; Cor-relation-Based Feature Selection

Full Text:

PDF

Article Metrics :

References


C. Raju, S. Rajagopal, K. Venusamy, K. Suriyan, and M. Alagarsamy, ‘SDSFLF: fault localization framework for optical communica-tion using software digital switching network’, International Journal of Reconfigurable and Embedded Systems (IJRES), vol. 12, no. 1, p. 113, Mar. 2023, doi: 10.11591/ijres.v12.i1.pp113-124.

L. Shi, Y. Song, Z. Xue, Y. Liu, and H. Chen, ‘SACT: A New Model of Covert Communication Based on SDN’, Sensors, vol. 20, no. 24, p. 7300, Dec. 2020, doi: 10.3390/s20247300.

P. Radoglou Grammatikis, P. Sarigiannidis, G. Efstathopoulos, and E. Panaousis, ‘ARIES: A Novel Multivariate Intrusion Detection System for Smart Grid’, Sensors, vol. 20, no. 18, p. 5305, Sep. 2020, doi: 10.3390/s20185305.

A. O. Alzahrani and M. J. F. Alenazi, ‘Designing a Network Intrusion Detection System Based on Machine Learning for Software Defined Networks’, Future Internet, vol. 13, no. 5, p. 111, Apr. 2021, doi: 10.3390/fi13050111.

S. Ramesh, S. Nirmalraj, S. Murugan, R. Manikandan, and F. Al-Turjman, ‘Optimization of Energy and Security in Mobile Sensor Network Using Classification Based Signal Processing in Heterogeneous Network’, J Signal Process Syst, vol. 95, no. 2–3, pp. 153–160, Mar. 2023, doi: 10.1007/s11265-021-01690-y.

S.-J. Young, S.-J. Chang, S. D. Prior, and L.-W. Ji, ‘Special Issue: Selected Papers from IEEE ICASI 2019’, Applied Sciences, vol. 10, no. 8, p. 2652, Apr. 2020, doi: 10.3390/app10082652.

Y. Song and L. Zhao, ‘Skill Movement Trajectory Recognition of Freestyle Skiing U-Shaped Field Based on Deep Learning and Multi-target Tracking Algorithm’, Comput Intell Neurosci, vol. 2022, pp. 1–12, Aug. 2022, doi: 10.1155/2022/7992045.

Jay Kumar Jain, Akhilesh A. Waoo, and Dipti Chauhan, ‘A Literature Review on Machine Learning for Cyber Security Issues’, Inter-national Journal of Scientific Research in Computer Science, Engineering and Information Technology, pp. 374–385, Dec. 2022, doi: 10.32628/CSEIT228654.

H. Polat, O. Polat, and A. Cetin, ‘Detecting DDoS Attacks in Software-Defined Networks Through Feature Selection Methods and Machine Learning Models’, Sustainability, vol. 12, no. 3, p. 1035, Feb. 2020, doi: 10.3390/su12031035.

H. Beitollahi, D. M. Sharif, and M. Fazeli, ‘Application Layer DDoS Attack Detection Using Cuckoo Search Algorithm-Trained Radial Basis Function’, IEEE Access, vol. 10, pp. 63844–63854, 2022, doi: 10.1109/ACCESS.2022.3182818.

A. Mishra, N. Gupta, and B. B. Gupta, ‘Defensive mechanism against DDoS attack based on feature selection and multi-classifier algorithms’, Telecommun Syst, vol. 82, no. 2, pp. 229–244, Feb. 2023, doi: 10.1007/s11235-022-00981-4.

M. Aamir and S. M. A. Zaidi, ‘DDoS attack detection with feature engineering and machine learning: the framework and performance evaluation’, Int J Inf Secur, vol. 18, no. 6, pp. 761–785, Dec. 2019, doi: 10.1007/s10207-019-00434-1.

A. Maheshwari, B. Mehraj, M. S. Khan, and M. S. Idrisi, ‘An optimized weighted voting based ensemble model for DDoS attack de-tection and mitigation in SDN environment’, Microprocess Microsyst, vol. 89, p. 104412, Mar. 2022, doi: 10.1016/j.micpro.2021.104412.

D. Akgun, S. Hizal, and U. Cavusoglu, ‘A new DDoS attacks intrusion detection model based on deep learning for cybersecurity’, Comput Secur, vol. 118, p. 102748, Jul. 2022, doi: 10.1016/j.cose.2022.102748.

G. Karatas, O. Demir, and O. K. Sahingoz, ‘Increasing the Performance of Machine Learning-Based IDSs on an Imbalanced and Up-to-Date Dataset’, IEEE Access, vol. 8, pp. 32150–32162, 2020, doi: 10.1109/ACCESS.2020.2973219.

H. A. Yanti, H. Sukoco, and S. N. Neyman, ‘Pemodelan Identifikasi Trafik Bittorrent Dengan Pendekatan Correlation Based Feature Selection (CFS) Menggunakan Algoritme Decision Tree (C4.5)’, CESS (Journal of Computer Engineering, System and Science), vol. 6, no. 1, p. 1, Jan. 2021, doi: 10.24114/cess.v6i1.20855.

S. Dong and M. Sarem, ‘DDoS Attack Detection Method Based on Improved KNN With the Degree of DDoS Attack in Software-Defined Networks’, IEEE Access, vol. 8, pp. 5039–5048, 2020, doi: 10.1109/ACCESS.2019.2963077.

subhajournal, ‘https://www.kaggle.com/datasets/subhajournal/sdn-intrusion-detection/data’.

A. H. Márquez, A. G. Arenas, and G. L. M. Luna, ‘Feature Selection Ordered By Correlation - FSOC’, Computación y Sistemas, vol. 27, no. 1, Mar. 2023, doi: 10.13053/cys-27-1-3982.

B. Alhijawi, S. Almajali, H. Elgala, H. Bany Salameh, and M. Ayyash, ‘A survey on DoS/DDoS mitigation techniques in SDNs: Classi-fication, comparison, solutions, testing tools and datasets’, Computers and Electrical Engineering, vol. 99, p. 107706, Apr. 2022, doi: 10.1016/j.compeleceng.2022.107706.

M. Alduailij, Q. W. Khan, M. Tahir, M. Sardaraz, M. Alduailij, and F. Malik, ‘Machine-Learning-Based DDoS Attack Detection Using Mutual Information and Random Forest Feature Importance Method’, Symmetry (Basel), vol. 14, no. 6, p. 1095, May 2022, doi: 10.3390/sym14061095.

Z. Liu, Y. Wang, F. Feng, Y. Liu, Z. Li, and Y. Shan, ‘A DDoS Detection Method Based on Feature Engineering and Machine Learning in Software-Defined Networks’, Sensors, vol. 23, no. 13, p. 6176, Jul. 2023, doi: 10.3390/s23136176.

W. Chen, Q. Sun, J. Wang, J.-J. Dong, and C. Xu, ‘A Novel Model Based on AdaBoost and Deep CNN for Vehicle Classification’, IEEE Access, vol. 6, pp. 60445–60455, 2019, doi: 10.1109/ACCESS.2018.2875525.

Z. Ma and B. Li, ‘A DDoS attack detection method based on SVM and K-nearest neighbour in SDN environment’, International Jour-nal of Computational Science and Engineering, vol. 23, no. 3, p. 224, 2020, doi: 10.1504/IJCSE.2020.111431.

H. A. Alamri and V. Thayananthan, ‘Bandwidth Control Mechanism and Extreme Gradient Boosting Algorithm for Protecting Soft-ware-Defined Networks Against DDoS Attacks’, IEEE Access, vol. 8, pp. 194269–194288, 2020, doi: 10.1109/ACCESS.2020.3033942.

Z. Mei, W. Yu, W. Tang, J. Yu, and Z. Cai, ‘Attention mechanism‐based model for short‐term bus traffic passenger volume predic-tion’, IET Intelligent Transport Systems, vol. 17, no. 4, pp. 767–779, Apr. 2023, doi: 10.1049/itr2.12302.

M. H. Rahmatul Kholiq, W. Wiranto, and S. Widya Sihwi, ‘News classification using light gradient boosted machine algorithm’, Indo-nesian Journal of Electrical Engineering and Computer Science, vol. 27, no. 1, p. 206, Jul. 2022, doi: 10.11591/ijeecs.v27.i1.pp206-213.

D. Tu, F. Luo, D. Wang, and Y. Cai, ‘flexCAT: Computerized Adaptive Test Development Platform’, Chinese/English Journal of Edu-cational Measurement and Evaluation, vol. 4, no. 1, Jun. 2023, doi: 10.59863/GXZD9076.

Z. Wang, C. Cao, and Y. Zhu, ‘Entropy and Confidence-Based Undersampling Boosting Random Forests for Imbalanced Problems’, IEEE Trans Neural Netw Learn Syst, vol. 31, no. 12, pp. 5178–5191, Dec. 2020, doi: 10.1109/TNNLS.2020.2964585.

O. Almomani, ‘A Feature Selection Model for Network Intrusion Detection System Based on PSO, GWO, FFA and GA Algorithms’, Symmetry (Basel), vol. 12, no. 6, p. 1046, Jun. 2020, doi: 10.3390/sym12061046.

H. Polat, M. Türkoğlu, O. Polat, and A. Şengür, ‘A novel approach for accurate detection of the DDoS attacks in SDN-based SCADA systems based on deep recurrent neural networks’, Expert Syst Appl, vol. 197, p. 116748, Jul. 2022, doi: 10.1016/j.eswa.2022.116748.

A. Thangasamy, B. Sundan, and L. Govindaraj, ‘A Novel Framework for DDoS Attacks Detection Using Hybrid LSTM Techniques’, Computer Systems Science and Engineering, vol. 45, no. 3, pp. 2553–2567, 2023, doi: 10.32604/csse.2023.032078.

N. Ahuja, G. Singal, D. Mukhopadhyay, and N. Kumar, ‘Automated DDOS attack detection in software defined networking’, Journal of Network and Computer Applications, vol. 187, p. 103108, Aug. 2021, doi: 10.1016/j.jnca.2021.103108.