IEEE Access (Jan 2024)
Detection and Mitigation of Distributed Denial of Service Attacks Using Ensemble Learning and Honeypots in a Novel SDN-UAV Network Architecture
Abstract
The combination of Software-Defined Networking (SDN) with Unmanned Aerial Vehicles (UAVs) has transformed wireless communication and data transmission. However, this advancement introduces new security challenges, specifically Distributed Denial of Service (DDoS) attacks, which can significantly disrupt network operations. Existing solutions often rely on single-model detection methods that may not adequately address these evolving threats. These methods may struggle with new and sophisticated attack patterns, leading to higher false positives and negatives. This work presents a new network architecture and novel approach that combines Ensemble learning with honeypot UAV to detect and mitigate DDoS attacks within SDN-UAV networks effectively. The initial phase involves detecting DDoS attacks from network traffic. Instead of relying on a single model, we use two models combined through a bagging-based ensemble method to integrate their results. In this setup, the detected attacks are promptly relayed to subordinate SDN controllers for the implementation of proactive security measures. A honeypot UAV is integrated into the architecture to enhance the system’s effectiveness. This honeypot UAV collects data on potential threats, allowing constant updates and refinement of the ensemble learning model. Furthermore, the system can proactively block traffic from these sources with this data, strengthening the defense mechanisms against DDoS attacks within the SDN-UAV network. To assess the effectiveness of our approach, we conducted training and testing experiments using the InSDN dataset. Experimental results are evaluated using various metrics, demonstrating that the proposed method consistently outperforms the state-of-the-art methods.
Keywords
