Design a Robust DDoS Attack Detection and Mitigation Scheme in SDN-Edge-IoT by Leveraging Machine Learning
The Internet of Things (IoT) has rapidly expanded, providing significant benefits across various fields. However, the complexity of IoT networks, with their resource-constrained devices, presents substantial security challenges, particularly Distributed Denial of Service (DDoS) attacks. Integrating...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2025-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10829958/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832592951008559104 |
|---|---|
| author | Habtamu Molla Belachew Mulatu Yirga Beyene Abinet Bizuayehu Desta Behaylu Tadele Alemu Salahadin Seid Musa Alemu Jorgi Muhammed |
| author_facet | Habtamu Molla Belachew Mulatu Yirga Beyene Abinet Bizuayehu Desta Behaylu Tadele Alemu Salahadin Seid Musa Alemu Jorgi Muhammed |
| author_sort | Habtamu Molla Belachew |
| collection | DOAJ |
| description | The Internet of Things (IoT) has rapidly expanded, providing significant benefits across various fields. However, the complexity of IoT networks, with their resource-constrained devices, presents substantial security challenges, particularly Distributed Denial of Service (DDoS) attacks. Integrating Software Defined Networking (SDN) with IoT has emerged as a promising solution to enhance security. Despite this, DDoS attacks through IoT botnets remain a significant threat. Existing studies on DDoS detection in SDN-IoT networks often suffer from inefficient detection accuracy due to poor algorithm design and latency issues arising from deploying models in the control plane. This study aims to improve DDoS detection accuracy by training a robust Machine Learning (ML) model using effective hyper-parameter tuning and Cross-Validation (CV) techniques. To mitigate latency issues, we deploy the model at the edge of the SDN-IoT network, enforcing mitigation rules through the SDN controller. We evaluated four popular classifiers (K-Nearest Neighbor (K-NN), Random Forest (RF), eXtreme Gradient Boosting (XGBoost), and FeedForward Neural Network (FFNN)) on benchmark datasets CICIDS2017 and Edge-IIoTset, conducting both binary and multi-class classifications. Our implementation using the Mininet-WiFi emulation tool revealed that XGBoost outperformed others in binary DDoS detection, achieving accuracy, precision, recall, and F1-score all above 99.997%, with a testing time of 3.559 seconds on the Edge-IIoTset dataset. Compared to recent studies, the proposed approach demonstrates XGBoost’s clear superiority. Consequently, XGBoost was deployed at the edge of the SDN-IoT for live traffic classification, showing improved performance by classifying live traffic within 3.946 ms and using only 8.80% of memory with a 0.5-second window size. |
| format | Article |
| id | doaj-art-b51fec71a8af42428d77953eebf97132 |
| institution | Kabale University |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-b51fec71a8af42428d77953eebf971322025-01-21T00:01:43ZengIEEEIEEE Access2169-35362025-01-0113101941021410.1109/ACCESS.2025.352669210829958Design a Robust DDoS Attack Detection and Mitigation Scheme in SDN-Edge-IoT by Leveraging Machine LearningHabtamu Molla Belachew0https://orcid.org/0009-0005-8239-3585Mulatu Yirga Beyene1https://orcid.org/0009-0003-0066-9935Abinet Bizuayehu Desta2https://orcid.org/0009-0001-3350-7014Behaylu Tadele Alemu3https://orcid.org/0009-0002-8373-0588Salahadin Seid Musa4https://orcid.org/0000-0002-0743-8238Alemu Jorgi Muhammed5Department of Information Technology, Debark University, Debark, EthiopiaDepartment of Information Technology, Debark University, Debark, EthiopiaDepartment of Information Technology, Debark University, Debark, EthiopiaDepartment of Computer Science, Debark University, Debark, EthiopiaDepartment of Computer Science, KIoT, Wollo University, Kombolcha, EthiopiaDepartment of Information Technology, KIoT, Wollo University, Kombolcha, EthiopiaThe Internet of Things (IoT) has rapidly expanded, providing significant benefits across various fields. However, the complexity of IoT networks, with their resource-constrained devices, presents substantial security challenges, particularly Distributed Denial of Service (DDoS) attacks. Integrating Software Defined Networking (SDN) with IoT has emerged as a promising solution to enhance security. Despite this, DDoS attacks through IoT botnets remain a significant threat. Existing studies on DDoS detection in SDN-IoT networks often suffer from inefficient detection accuracy due to poor algorithm design and latency issues arising from deploying models in the control plane. This study aims to improve DDoS detection accuracy by training a robust Machine Learning (ML) model using effective hyper-parameter tuning and Cross-Validation (CV) techniques. To mitigate latency issues, we deploy the model at the edge of the SDN-IoT network, enforcing mitigation rules through the SDN controller. We evaluated four popular classifiers (K-Nearest Neighbor (K-NN), Random Forest (RF), eXtreme Gradient Boosting (XGBoost), and FeedForward Neural Network (FFNN)) on benchmark datasets CICIDS2017 and Edge-IIoTset, conducting both binary and multi-class classifications. Our implementation using the Mininet-WiFi emulation tool revealed that XGBoost outperformed others in binary DDoS detection, achieving accuracy, precision, recall, and F1-score all above 99.997%, with a testing time of 3.559 seconds on the Edge-IIoTset dataset. Compared to recent studies, the proposed approach demonstrates XGBoost’s clear superiority. Consequently, XGBoost was deployed at the edge of the SDN-IoT for live traffic classification, showing improved performance by classifying live traffic within 3.946 ms and using only 8.80% of memory with a 0.5-second window size.https://ieeexplore.ieee.org/document/10829958/Distributed denial of serviceedge computingInternet of Thingsmachine learningsoftware defined networkingSDN-Edge-IoT |
| spellingShingle | Habtamu Molla Belachew Mulatu Yirga Beyene Abinet Bizuayehu Desta Behaylu Tadele Alemu Salahadin Seid Musa Alemu Jorgi Muhammed Design a Robust DDoS Attack Detection and Mitigation Scheme in SDN-Edge-IoT by Leveraging Machine Learning IEEE Access Distributed denial of service edge computing Internet of Things machine learning software defined networking SDN-Edge-IoT |
| title | Design a Robust DDoS Attack Detection and Mitigation Scheme in SDN-Edge-IoT by Leveraging Machine Learning |
| title_full | Design a Robust DDoS Attack Detection and Mitigation Scheme in SDN-Edge-IoT by Leveraging Machine Learning |
| title_fullStr | Design a Robust DDoS Attack Detection and Mitigation Scheme in SDN-Edge-IoT by Leveraging Machine Learning |
| title_full_unstemmed | Design a Robust DDoS Attack Detection and Mitigation Scheme in SDN-Edge-IoT by Leveraging Machine Learning |
| title_short | Design a Robust DDoS Attack Detection and Mitigation Scheme in SDN-Edge-IoT by Leveraging Machine Learning |
| title_sort | design a robust ddos attack detection and mitigation scheme in sdn edge iot by leveraging machine learning |
| topic | Distributed denial of service edge computing Internet of Things machine learning software defined networking SDN-Edge-IoT |
| url | https://ieeexplore.ieee.org/document/10829958/ |
| work_keys_str_mv | AT habtamumollabelachew designarobustddosattackdetectionandmitigationschemeinsdnedgeiotbyleveragingmachinelearning AT mulatuyirgabeyene designarobustddosattackdetectionandmitigationschemeinsdnedgeiotbyleveragingmachinelearning AT abinetbizuayehudesta designarobustddosattackdetectionandmitigationschemeinsdnedgeiotbyleveragingmachinelearning AT behaylutadelealemu designarobustddosattackdetectionandmitigationschemeinsdnedgeiotbyleveragingmachinelearning AT salahadinseidmusa designarobustddosattackdetectionandmitigationschemeinsdnedgeiotbyleveragingmachinelearning AT alemujorgimuhammed designarobustddosattackdetectionandmitigationschemeinsdnedgeiotbyleveragingmachinelearning |