Cyber Security and Applications (Jan 2024)
A novel dual optimized IDS to detect DDoS attack in SDN using hyper tuned RFE and deep grid network
Abstract
Technological advancement is one of the factors contributing to a rise of susceptible cyberattacks. Distributed denial of service (DDoS) attack reduces the efficiency of network servers by saturating them with unwanted data and preventing authorized clients from accessing them. Due to the centralized architecture of Software Defined Network (SDN), it faces a number of security vulnerabilities. In SDN, DDoS attack is one of the main strikes on the control planes. A novel Optimized Dual Intrusion Detection System is proposed to identify DDoS and Non-DDoS attack more quickly with best proposed models. Hyper Tuned parameter optimization is carried on Logistic Regression, Decision Tree and Random Forest algorithms to find the best parameters. RFE with Repeated Stratified K-fold feature selection is used using the best parameters to reduce the 77 features to 4 features. A novel Deep Grid Network combines hyper-tuned classifiers with 7 other machine learning algorithms to produce 21 models. An ensemble technique uses 6 best models from 21 models for the best prediction of DDoS attack. A new dataset is also generated through Mininet for proper validation of the model.