Simulation of SDN in mininet and detection of DDoS attack using machine learning

P. Karthika, Karmel Arockiasamy

Abstract


Most contemporary businesses are embracing software defined networking (SDN), a developing architecture that enables an aerial-like perspective of the entire network. SDN operates by virtualizing the network and provides advantages including improved performance, visibility, speed, and scalability. SDN attempts to divide the network control plane from the forwarding plane. The control plane, which includes one or more controllers and incorporates complete intelligence, is thought of as the brain of the SDN. However, SDN has challenges with controller vulnerability, flexibility, and hardware security. But distributed denial of service (DDoS) assaults constitutes a serious threat to the SDN. Transmission control protocol-synchronized (TCP-SYN) floods, a common cyberattack that can harm SDNs, can deplete network resources by opening an excessive number of illegitimate TCP connections. In this research, we provide an OpenFlow port statistic-based architecture for machine learning (ML) enabled TCP-SYN flood detection. This research showed that ML models like support vector machine (SVM), Navie Bayes, and multi-layered perceptron can distinguish between regular traffic and SYN flood traffic and can mitigate the impacts of the attacking node on the network. Results showed that the multilayered perceptron can classify the traffic with highest accuracy of 99.75% for the simulation dataset.

Keywords


Detection; Machine learning; Mininet; Ryu; Software defined networking; Distributed denial of service

Full Text:

PDF


DOI: https://doi.org/10.11591/eei.v12i3.5232

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Bulletin of EEI Stats