Cybersecurity (Aug 2024)

Classification of DDoS attack traffic on SDN network environment using deep learning

  • Urikhimbam Boby Clinton,
  • Nazrul Hoque,
  • Khumukcham Robindro Singh

DOI
https://doi.org/10.1186/s42400-024-00219-7
Journal volume & issue
Vol. 7, no. 1
pp. 1 – 28

Abstract

Read online

Abstract Distributed Denial of Service (DDoS) attack is a major threat to the Internet of Things (IoT), Software Defined Networks (SDN), and Cloud Computing Networks. Due to the tremendous applications of IoT networks, the number of DDoS attacks is increasing significantly, and most sophisticated DDoS attacks are generated through IoT botnets. An IoT botnet-based DDoS attack can disrupt the network quickly with a surge of malicious traffic. Especially in an SDN network, it is important to detect the DDoS attack before it occurs to the SDN controller. DDoS attacks on the centralized controller of the SDN can disrupt the whole network. So, identifying DDoS attacks at the earliest is a critical security measure for network experts and practitioners. In this paper, we analyze the DDoS attack on an SDN environment and develop a method to identify the DDoS attack using Deep Learning (DL). The proposed method converts the captured raw network traffic to image data and classifies the malicious data from normal data. The method is evaluated on our test-bed simulated dataset and two other benchmark datasets. The experimental comparison shows that the proposed method performs better on all three datasets, giving more than 99% classification accuracy.

Keywords