IEEE Access (Jan 2023)
Optimized Artificial Intelligence Model for DDoS Detection in SDN Environment
Abstract
Distributed denial of service (DDoS) attacks continue to be a major security concern, threatening the availability and reliability of network services. Software-defined networking (SDN) has emerged as a promising solution to address this issue, enabling centralized network control and management. However, conventional SDN-based DDoS mitigation techniques often struggle to detect and mitigate sophisticated attacks due to their limited ability to analyze complex traffic patterns. This paper proposes an innovative and optimized approach that effectively combines Mininet, the Ryu controller, and a one-dimensional convolutional neural network (1D-CNN) to detect and mitigate DDoS attacks in SDN environments. The proposed approach involves training the 1D-CNN model with labeled network traffic data to effectively identify abnormal patterns associated with DDoS attacks. Furthermore, seven hyperparameters of the trained 1D-CNN model were tuned using the non-dominated sorting genetic algorithm II (NSGA-II) to achieve the best accuracy with minimum training time. Once the optimized 1D-CNN model detects an attack, the Ryu controller dynamically adapts the network policies and employs appropriate mitigation techniques to protect the network infrastructure. To evaluate the effectiveness of the optimized 1D-CNN model, extensive experiments were conducted using a simulated SDN environment with a realistic DDoS attack dataset. The experimental results demonstrate that the developed approach achieves a significantly improved detection accuracy of 99.99% compared to other machine learning (ML) models. NSGA-II enhances the optimized model's accuracy with an improvement rate of 9.5%, 8%, 5.4%, and 2.6% compared to the optimized logistic regression (LR), random forest (RF), support vector machine (SVM), and k-nearest neighbor (KNN) models, respectively.
This research paves the way for future developments in leveraging deep learning (DL) driven techniques and SDN architectures to address evolving cybersecurity challenges.
Keywords