A novel DDoS detection method using multi-layer stacking in SDN environment
Küçük Resim Yok
Tarih
2024-12-01
Yazarlar
Dergi Başlığı
Dergi ISSN
Cilt Başlığı
Yayıncı
Elsevier
Erişim Hakkı
info:eu-repo/semantics/closedAccess
Özet
Software Defined Network (SDN) offers virtualized services compatible with infrastructure hosted computing, presenting a flexible, adaptive, and economical network architecture. Switches used in SDN prioritize packet matching in flow tables above packet processing, leaving them open to Denial of Service (DoS) attacks. These attacks, exemplified by Distributed Denial of Service Attacks (DDoS), target a victim while using many infected workstations at once. Due to its scalability and programmability, SDN is being used more and more for network management. However, it has specific security concerns, such as the controller's susceptibility to cyberattacks, which might result in a single point of failure and network-wide risks. This study proposes a novel DDoS prediction model by developing stacking classifier model consisting of multiple base classifiers for an SDN environment. The proposed model is built on stacking several classifiers at the base level and the Meta level, which mixes varied or heterogeneous learners to provide reliable model results. The findings demonstrate that the proposed stacking model outperforms other existing models with respect to accuracy, sensitivity, specificity, precision, and F1 score. Finally, the stacking classifier model is evaluated in terms of binary classification. The evaluation shows the highest AUC of 0.9537 whereas Random Forest, Decision Tree, and Logistic Regression achieve AUC values around 0.93–0.95.
Açıklama
Anahtar Kelimeler
DDoS attacks, Machine learning (ML), RYU, Software-Defined Network (SDN), Stacking classifier
Kaynak
Computers and Electrical Engineering
WoS Q Değeri
Q2
Scopus Q Değeri
Q1
Cilt
120
Sayı
Part B
