Advanced Support Vector Machine- (ASVM-) Based Detection for Distributed Denial of Service (DDoS) Attack on Software Defined Networking (SDN)
Software Defined Networking (SDN) has many advantages over a traditional network. The great advantage of SDN is that the network control is physically separated from forwarding devices. SDN can solve many security issues of a legacy network. Nevertheless, SDN has many security vulnerabilities. The b...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2019-01-01
|
| Series: | Journal of Computer Networks and Communications |
| Online Access: | http://dx.doi.org/10.1155/2019/8012568 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850168641604026368 |
|---|---|
| author | Myo Myint Oo Sinchai Kamolphiwong Thossaporn Kamolphiwong Sangsuree Vasupongayya |
| author_facet | Myo Myint Oo Sinchai Kamolphiwong Thossaporn Kamolphiwong Sangsuree Vasupongayya |
| author_sort | Myo Myint Oo |
| collection | DOAJ |
| description | Software Defined Networking (SDN) has many advantages over a traditional network. The great advantage of SDN is that the network control is physically separated from forwarding devices. SDN can solve many security issues of a legacy network. Nevertheless, SDN has many security vulnerabilities. The biggest issue of SDN vulnerabilities is Distributed Denial of Service (DDoS) attack. The DDoS attack on SDN becomes an important problem, and varieties of methods had been applied for detection and mitigation purposes. The objectives of this paper are to propose a detection method of DDoS attacks by using SDN based technique that will disturb the legitimate user's activities at the minimum and to propose Advanced Support Vector Machine (ASVM) technique as an enhancement of existing Support Vector Machine (SVM) algorithm to detect DDoS attacks. ASVM technique is a multiclass classification method consisting of three classes. In this paper, we can successfully detect two types of flooding-based DDoS attacks. Our detection technique can reduce the training time as well as the testing time by using two key features, namely, the volumetric and the asymmetric features. We evaluate the results by measuring a false alarm rate, a detection rate, and accuracy. The detection accuracy of our detection technique is approximately 97% with the fastest training time and testing time. |
| format | Article |
| id | doaj-art-a26a89af50cf46c3b3e4da5980400897 |
| institution | OA Journals |
| issn | 2090-7141 2090-715X |
| language | English |
| publishDate | 2019-01-01 |
| publisher | Wiley |
| record_format | Article |
| series | Journal of Computer Networks and Communications |
| spelling | doaj-art-a26a89af50cf46c3b3e4da59804008972025-08-20T02:20:55ZengWileyJournal of Computer Networks and Communications2090-71412090-715X2019-01-01201910.1155/2019/80125688012568Advanced Support Vector Machine- (ASVM-) Based Detection for Distributed Denial of Service (DDoS) Attack on Software Defined Networking (SDN)Myo Myint Oo0Sinchai Kamolphiwong1Thossaporn Kamolphiwong2Sangsuree Vasupongayya3Department of Computer Engineering, Faculty of Engineering, Prince of Songkla University (Hatyai Campus), Hatyai, Songkhla 90110, ThailandDepartment of Computer Engineering, Faculty of Engineering, Prince of Songkla University (Hatyai Campus), Hatyai, Songkhla 90110, ThailandDepartment of Computer Engineering, Faculty of Engineering, Prince of Songkla University (Hatyai Campus), Hatyai, Songkhla 90110, ThailandDepartment of Computer Engineering, Faculty of Engineering, Prince of Songkla University (Hatyai Campus), Hatyai, Songkhla 90110, ThailandSoftware Defined Networking (SDN) has many advantages over a traditional network. The great advantage of SDN is that the network control is physically separated from forwarding devices. SDN can solve many security issues of a legacy network. Nevertheless, SDN has many security vulnerabilities. The biggest issue of SDN vulnerabilities is Distributed Denial of Service (DDoS) attack. The DDoS attack on SDN becomes an important problem, and varieties of methods had been applied for detection and mitigation purposes. The objectives of this paper are to propose a detection method of DDoS attacks by using SDN based technique that will disturb the legitimate user's activities at the minimum and to propose Advanced Support Vector Machine (ASVM) technique as an enhancement of existing Support Vector Machine (SVM) algorithm to detect DDoS attacks. ASVM technique is a multiclass classification method consisting of three classes. In this paper, we can successfully detect two types of flooding-based DDoS attacks. Our detection technique can reduce the training time as well as the testing time by using two key features, namely, the volumetric and the asymmetric features. We evaluate the results by measuring a false alarm rate, a detection rate, and accuracy. The detection accuracy of our detection technique is approximately 97% with the fastest training time and testing time.http://dx.doi.org/10.1155/2019/8012568 |
| spellingShingle | Myo Myint Oo Sinchai Kamolphiwong Thossaporn Kamolphiwong Sangsuree Vasupongayya Advanced Support Vector Machine- (ASVM-) Based Detection for Distributed Denial of Service (DDoS) Attack on Software Defined Networking (SDN) Journal of Computer Networks and Communications |
| title | Advanced Support Vector Machine- (ASVM-) Based Detection for Distributed Denial of Service (DDoS) Attack on Software Defined Networking (SDN) |
| title_full | Advanced Support Vector Machine- (ASVM-) Based Detection for Distributed Denial of Service (DDoS) Attack on Software Defined Networking (SDN) |
| title_fullStr | Advanced Support Vector Machine- (ASVM-) Based Detection for Distributed Denial of Service (DDoS) Attack on Software Defined Networking (SDN) |
| title_full_unstemmed | Advanced Support Vector Machine- (ASVM-) Based Detection for Distributed Denial of Service (DDoS) Attack on Software Defined Networking (SDN) |
| title_short | Advanced Support Vector Machine- (ASVM-) Based Detection for Distributed Denial of Service (DDoS) Attack on Software Defined Networking (SDN) |
| title_sort | advanced support vector machine asvm based detection for distributed denial of service ddos attack on software defined networking sdn |
| url | http://dx.doi.org/10.1155/2019/8012568 |
| work_keys_str_mv | AT myomyintoo advancedsupportvectormachineasvmbaseddetectionfordistributeddenialofserviceddosattackonsoftwaredefinednetworkingsdn AT sinchaikamolphiwong advancedsupportvectormachineasvmbaseddetectionfordistributeddenialofserviceddosattackonsoftwaredefinednetworkingsdn AT thossapornkamolphiwong advancedsupportvectormachineasvmbaseddetectionfordistributeddenialofserviceddosattackonsoftwaredefinednetworkingsdn AT sangsureevasupongayya advancedsupportvectormachineasvmbaseddetectionfordistributeddenialofserviceddosattackonsoftwaredefinednetworkingsdn |