Botnet Attack Identification and Mitigation condition Software-Defined Networks Utilizing CNN Algorithm
Abstract
Software-defined networking (SDN) is a newer design that makes managing and communicating across large-scale networks easier and more flexible. It allows complicated network decisions to be executed smoothly and dynamically through programmable, centralized interfaces, and it lets people and companies tailor network applications to their needs in order to enhance services. On the other hand, SDN has introduced a host of new privacy and security issues, along with the danger of a single point of failure. In most cases, attackers use OpenFlow switches to conduct botnet or distributed denial-of-service (DDoS) attacks against the controller. Security applications that use deep learning (DL) to quickly identify and counteract attacks are on the rise. Here, we examine botnet-based DDoS attack detection using DL approaches in an SDN-supported context and demonstrate their performance. For the assessment, we use a dataset that we created ourselves. To choose the most useful subset of features, we used feature weighting and tuning techniques. We validate the measurements and simulation results using both a synthetic dataset and actual testbed conditions. The primary objective of this research is to identify botnet-based DDoS attacks from easily obtained features and data, using a lightweight DL approach with baseline hyper-parameters. We found that the performance of the DL technique depends on the optimal subset of features, and that the prediction accuracy of the same approach can vary with a different set of features. Lastly, our empirical findings show that the CNN approach performs better in both the dataset and the actual testbed environments. With CNN, the detection rate is 99% for normal flows and 97% for malicious flows.
This work is licensed under a Creative Commons Attribution 4.0 International License.