Machine Learning for IoT Security: Random Forest Model for DDoS Attack Detection

Software-Defined Networking (SDN) and Internet of Things (IoT) are the trends of network evolution. SDN mainly focuses on the upper-level control and management of networks, while IoT aims to bring devices together to enable sharing and monitoring of real-time behaviours through network connectivity. On the one hand, IoT enables us to gather status of devices and networks and to control them remotely. On the other hand, the rapidly growing number of devices challenges the management at the access and backbone layer and raises security concerns of network attacks, such as Distributed Denial of Service (DDoS). The combination of SDN and IoT leads to a promising approach that could alleviate the management issue. Indeed, the flexibility and programmability of SDN could help in simplifying the network setup. However, there is a need to make a security enhancement in the SDN-based IoT network for mitigating attacks involving IoT devices. Therefore, this work develops various machine learning algorithms such as SVM, Random Forest, XGBOOST, ADABOOST, KNN and Naïve Bayes for detecting and predicting DDoS attacks in IoT environment. Here, CIC dataset (contains 10 different attacks in IoT and 1 normal class) is used to train the network. Finally, the simulations revealed that the proposed random forest resulted in superior performance as compared to SVM, naive bayes methods