An Evolutionary SVM Model for DDOS Attack Detection in Software Defined Networks

Kshira Sagar Sahoo; Bata Krishna Tripathy; Kshirasagar Naik; Somula Ramasubbareddy; Balamurugan Balusamy; Manju Khari; Daniel Burgos

doi:10.1109/ACCESS.2020.3009733

IEEE Access (Jan 2020)

An Evolutionary SVM Model for DDOS Attack Detection in Software Defined Networks

Kshira Sagar Sahoo,
Bata Krishna Tripathy,
Kshirasagar Naik,
Somula Ramasubbareddy,
Balamurugan Balusamy,
Manju Khari,
Daniel Burgos

Affiliations

Kshira Sagar Sahoo: ORCiD; Department of Information Technology, VNRVJIET, Hyderabad, India
Bata Krishna Tripathy: ORCiD; School of Electrical Sciences, Indian Institute of Technology Bhubaneswar, Bhubaneswar, India
Kshirasagar Naik: ORCiD; Department of Electrical and Computer Engineering, University of Waterloo, Waterloo, ON, Canada
Somula Ramasubbareddy: ORCiD; Department of Information Technology, VNRVJIET, Hyderabad, India
Balamurugan Balusamy: ORCiD; School of Computing Science and Engineering, Galgotias University, Greater Noida, India
Manju Khari: ORCiD; Department of CSE, AIACTR, New Delhi, India
Daniel Burgos: ORCiD; Research Institute for Innovation & Technology in Education (UNIR iTED), Universidad Internacional de La Rioja (UNIR), New Delhi, Spain

DOI: https://doi.org/10.1109/ACCESS.2020.3009733
Journal volume & issue: Vol. 8
pp. 132502 – 132513

Abstract

Read online

Software-Defined Network (SDN) has become a promising network architecture in current days that provide network operators more control over the network infrastructure. The controller, also called as the operating system of the SDN, is responsible for running various network applications and maintaining several network services and functionalities. Despite all its capabilities, the introduction of various architectural entities of SDN poses many security threats and potential targets. Distributed Denial of Services (DDoS) is a rapidly growing attack that poses a tremendous threat to the Internet. As the control layer is vulnerable to DDoS attacks, the goal of this paper is to detect the attack traffic, by taking the centralized control aspect of SDN. Nowadays, in the field of SDN, various machine learning (ML) techniques are being deployed for detecting malicious traffic. Despite these works, choosing the relevant features and accurate classifiers for attack detection is an open question. For better detection accuracy, in this work, Support Vector Machine (SVM) is assisted by kernel principal component analysis (KPCA) with genetic algorithm (GA). In the proposed SVM model, KPCA is used for reducing the dimension of feature vectors, and GA is used for optimizing different SVM parameters. In order to reduce the noise caused by feature differences, an improved kernel function (N-RBF) is proposed. The experimental results show that compared to single-SVM, the proposed model achieves more accurate classification with better generalization. Moreover, the proposed model can be embedded within the controller to define security rules to prevent possible attacks by the attackers.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords