DDoS Attack Detection in SDN-Assisted Federated Learning Environment Based on Contrastive Learning
Software-defined networking (SDN)-assisted federated learning (FL) is an emerging network computing environment. It can not only shorten the training time of federated learning while maintaining high learning performance, but also enhance the security of the FL network. However, compared with tradit...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2025-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/11048486/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849432783083012096 |
|---|---|
| author | Minghong Fan Jinghua Lan Yiyi Zhou Mengshuang Pan Junrong Li Daqiang Zhang |
| author_facet | Minghong Fan Jinghua Lan Yiyi Zhou Mengshuang Pan Junrong Li Daqiang Zhang |
| author_sort | Minghong Fan |
| collection | DOAJ |
| description | Software-defined networking (SDN)-assisted federated learning (FL) is an emerging network computing environment. It can not only shorten the training time of federated learning while maintaining high learning performance, but also enhance the security of the FL network. However, compared with traditional FL networks, SDN-assisted FL technology introduces new security threats. Distributed denial of service(DDoS) attacks are an important security threat for the SDN service in FL. In the SDN-assisted FL environment, the FL network requires the interaction of model parameters among multiple participants. During this process, DDoS attacks may target the SDN control plane, disrupt its normal operation, and thus affect the transmission of model parameters in FL. Hence, this paper proposes a novel approach to detecting and identifying DDoS attacks based on contrastive learning (CL), an adversarial learning framework based on two-layer deep neural networks. The framework features a two-layer classification structure. In the first layer, we integrate Long Short-Term Memory (LSTM) and Support Vector Machine (SVM) to identify DDoS attacks. In the second layer, we enhance the classifier structure by combining Convolutional Neural Network (CNN) and Bidirectional Gated Recurrent Unit (BiGRU). This layer can be optimized based on the contrastive classification loss from the LSTM-SVM classifier in the first layer. We conducted experiments on a specific SDN dataset generated by the Mininet emulator. The results show that for the LSTM-SVM model, the detection accuracy reaches 99.75%, and the recall rate is 99.80%. For the CNN-BiGRU model, the detection accuracy rate is 99.36%, and the recall rate is 99.55%. Overall, the proposed CL model can effectively identify DDoS attack traffic in SDN-assisted FL environments, demonstrating high detection performance. However, the model may face challenges such as high computational resource requirements and insufficient adaptability to complex network environments when deployed in practice. Further optimization is needed to facilitate its broader application. |
| format | Article |
| id | doaj-art-3faceafdd662483387286bb728cfc0d7 |
| institution | Kabale University |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-3faceafdd662483387286bb728cfc0d72025-08-20T03:27:17ZengIEEEIEEE Access2169-35362025-01-011310879810881410.1109/ACCESS.2025.358244511048486DDoS Attack Detection in SDN-Assisted Federated Learning Environment Based on Contrastive LearningMinghong Fan0https://orcid.org/0009-0002-8080-2304Jinghua Lan1https://orcid.org/0009-0004-6589-687XYiyi Zhou2Mengshuang Pan3Junrong Li4Daqiang Zhang5https://orcid.org/0000-0002-3812-1225School of Computer Engineering, Jimei University, Xiamen, ChinaDepartment of Computer Science and Engineering, Shaoxing University, Shaoxing, ChinaCollege of Letters and Science, University of California at Berkeley, Berkeley, CA, USADepartment of Computer Science and Engineering, Shaoxing University, Shaoxing, ChinaSchool of Data Science, Lingnan University, Tuen Mun, Hong KongSchool of Software Engineering, Tongji University, Shanghai, ChinaSoftware-defined networking (SDN)-assisted federated learning (FL) is an emerging network computing environment. It can not only shorten the training time of federated learning while maintaining high learning performance, but also enhance the security of the FL network. However, compared with traditional FL networks, SDN-assisted FL technology introduces new security threats. Distributed denial of service(DDoS) attacks are an important security threat for the SDN service in FL. In the SDN-assisted FL environment, the FL network requires the interaction of model parameters among multiple participants. During this process, DDoS attacks may target the SDN control plane, disrupt its normal operation, and thus affect the transmission of model parameters in FL. Hence, this paper proposes a novel approach to detecting and identifying DDoS attacks based on contrastive learning (CL), an adversarial learning framework based on two-layer deep neural networks. The framework features a two-layer classification structure. In the first layer, we integrate Long Short-Term Memory (LSTM) and Support Vector Machine (SVM) to identify DDoS attacks. In the second layer, we enhance the classifier structure by combining Convolutional Neural Network (CNN) and Bidirectional Gated Recurrent Unit (BiGRU). This layer can be optimized based on the contrastive classification loss from the LSTM-SVM classifier in the first layer. We conducted experiments on a specific SDN dataset generated by the Mininet emulator. The results show that for the LSTM-SVM model, the detection accuracy reaches 99.75%, and the recall rate is 99.80%. For the CNN-BiGRU model, the detection accuracy rate is 99.36%, and the recall rate is 99.55%. Overall, the proposed CL model can effectively identify DDoS attack traffic in SDN-assisted FL environments, demonstrating high detection performance. However, the model may face challenges such as high computational resource requirements and insufficient adaptability to complex network environments when deployed in practice. Further optimization is needed to facilitate its broader application.https://ieeexplore.ieee.org/document/11048486/Software-defined networkfederated learningdistributed denial of servicesupport vector machinerecurrent neural networklong and short-term memory neural network |
| spellingShingle | Minghong Fan Jinghua Lan Yiyi Zhou Mengshuang Pan Junrong Li Daqiang Zhang DDoS Attack Detection in SDN-Assisted Federated Learning Environment Based on Contrastive Learning IEEE Access Software-defined network federated learning distributed denial of service support vector machine recurrent neural network long and short-term memory neural network |
| title | DDoS Attack Detection in SDN-Assisted Federated Learning Environment Based on Contrastive Learning |
| title_full | DDoS Attack Detection in SDN-Assisted Federated Learning Environment Based on Contrastive Learning |
| title_fullStr | DDoS Attack Detection in SDN-Assisted Federated Learning Environment Based on Contrastive Learning |
| title_full_unstemmed | DDoS Attack Detection in SDN-Assisted Federated Learning Environment Based on Contrastive Learning |
| title_short | DDoS Attack Detection in SDN-Assisted Federated Learning Environment Based on Contrastive Learning |
| title_sort | ddos attack detection in sdn assisted federated learning environment based on contrastive learning |
| topic | Software-defined network federated learning distributed denial of service support vector machine recurrent neural network long and short-term memory neural network |
| url | https://ieeexplore.ieee.org/document/11048486/ |
| work_keys_str_mv | AT minghongfan ddosattackdetectioninsdnassistedfederatedlearningenvironmentbasedoncontrastivelearning AT jinghualan ddosattackdetectioninsdnassistedfederatedlearningenvironmentbasedoncontrastivelearning AT yiyizhou ddosattackdetectioninsdnassistedfederatedlearningenvironmentbasedoncontrastivelearning AT mengshuangpan ddosattackdetectioninsdnassistedfederatedlearningenvironmentbasedoncontrastivelearning AT junrongli ddosattackdetectioninsdnassistedfederatedlearningenvironmentbasedoncontrastivelearning AT daqiangzhang ddosattackdetectioninsdnassistedfederatedlearningenvironmentbasedoncontrastivelearning |