Browsing by Author "Ermias Tsegu"

Now showing 1 - 1 of 1
  • No Thumbnail Available
    Item
    Ensemble-Based DDoS Attack Detection Model for Software-Defined Networks by Utilizing Flow-Based Features
    (Addis Ababa University, 2023-10) Ermias Tsegu; Ayalew Belay
    In this modern era, networking has advanced in a swift manner. The need for businesses to incorporate the benefits of having enormous amount of dynamic applications, services, physical objects, machines, etc is skyrocketing. Therefore, the networking infrastructure become more complex in terms of networking devices and resource utilization. Therefore, the traditional networking paradigm becomes ineffective and inefficient to handle those requirements. As a result, Software Defined Networking (SDN), gets more consideration from researchers and practitioners. In contrast to the traditional networking paradigm, SDN has efficient resource utilization, simple network management capability, better performance, network virtualization capability, and network programmability capability. But, it is with some serious network security issues like network tampering, unauthorized access, flow rule conflict, poor controller deployment, and Distributed Denial of Service attack (DDoS). Among these security issues DDoS is one of the devastating attacks on SDN. As a result, several studies are conducted to detect DDoS on SDN networks by utilizing statistical approaches, traditional machine learning (ML) approaches, and state-of-the-art techniques like DL. The traditional ML techniques are less efficient in contrast with the state-of-the-art approaches like DL. On the other hand, the state-of-the-art techniques are computationally complex. To overcome this problem, we proposed an ensemble-based DDoS detection model for SDN by utilizing flow-based dataset. The experiment is conducted using the InSDN dataset. The dataset contains the normal group that contains the normal traffic, the metasploitable-2 group which contains attacks that target the metasploitable-2 server, and the Open Virtual Switch (OVS) group contains attacks that target the OVS machine. Because the dataset contains attacks like DoS, DDoS, Web Attacks, R2L, Malware, Probe, and U2R attacks, it is a must for us to separate the DDoS attack data to prepare it for our purpose. Furthermore, we split the dataset into 70% for training, and 30% for testing purposes. The result shows that the adaptive boosting ensemble technique has the highest accuracy with a value of 100%. But, when it comes to latency the gradient boosting algorithm has the minimum latency with a value of 60.6 ms. On the contrary, the KNN_DT-based stacking algorithm has the highest latency with 119,431.5 ms