一种检测软件定义网络中DDoS攻击的混合机制

Q4 Engineering

Majlesi Journal of Electrical Engineering Pub Date : 2021-03-01 DOI:10.52547/MJEE.15.1.1

Afsaneh Banitalebi Dehkordi, M. Soltanaghaei, F. Z. Boroujeni

{"title":"一种检测软件定义网络中DDoS攻击的混合机制","authors":"Afsaneh Banitalebi Dehkordi, M. Soltanaghaei, F. Z. Boroujeni","doi":"10.52547/MJEE.15.1.1","DOIUrl":null,"url":null,"abstract":"DDoS (Distributed Denial-of-Service) attacks are among the cyberattacks that are increasing day by day and have caused problems for computer network servers. With the advent of SDN networks, they are not immune to these attacks, and due to the software-centric nature of these networks, this type of attack can be much more difficult for them, ignoring effective parameters such as port and Source IP in detecting attacks, providing costly solutions which are effective in increasing CPU load, and low accuracy in detecting attacks are of the problems of previously presented methods in detecting DDoS attacks. Given the importance of this issue,the purpose of this paper is to increase the accuracy of DDoS attack detection using the second order correlation coefficient technique based on ∅-entropy according to source IP and selection of optimal features.To select the best features, by examining the types of feature selection algorithms and search methods, the WrapperSubsetEval feature selection algorithm, the BestFirst search method, and the best effective features were selected. This study was performed on CTU-13 and ISOT datasets and the results were compared with other methods. The accuracy of the detection in this work indicates the high efficiency of the proposed approach compared to other similar methods.","PeriodicalId":37804,"journal":{"name":"Majlesi Journal of Electrical Engineering","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2021-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Hybrid Mechanism to Detect DDoS Attacks in Software Defined Networks\",\"authors\":\"Afsaneh Banitalebi Dehkordi, M. Soltanaghaei, F. Z. Boroujeni\",\"doi\":\"10.52547/MJEE.15.1.1\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"DDoS (Distributed Denial-of-Service) attacks are among the cyberattacks that are increasing day by day and have caused problems for computer network servers. With the advent of SDN networks, they are not immune to these attacks, and due to the software-centric nature of these networks, this type of attack can be much more difficult for them, ignoring effective parameters such as port and Source IP in detecting attacks, providing costly solutions which are effective in increasing CPU load, and low accuracy in detecting attacks are of the problems of previously presented methods in detecting DDoS attacks. Given the importance of this issue,the purpose of this paper is to increase the accuracy of DDoS attack detection using the second order correlation coefficient technique based on ∅-entropy according to source IP and selection of optimal features.To select the best features, by examining the types of feature selection algorithms and search methods, the WrapperSubsetEval feature selection algorithm, the BestFirst search method, and the best effective features were selected. This study was performed on CTU-13 and ISOT datasets and the results were compared with other methods. The accuracy of the detection in this work indicates the high efficiency of the proposed approach compared to other similar methods.\",\"PeriodicalId\":37804,\"journal\":{\"name\":\"Majlesi Journal of Electrical Engineering\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-03-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Majlesi Journal of Electrical Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.52547/MJEE.15.1.1\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"Engineering\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Majlesi Journal of Electrical Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.52547/MJEE.15.1.1","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Engineering","Score":null,"Total":0}

引用次数: 0

摘要

分布式拒绝服务(DDoS)攻击是日益增多的网络攻击之一，给计算机网络服务器带来了很多问题。随着SDN网络的出现，它们也不能幸免于这些攻击，并且由于这些网络以软件为中心的性质，这种类型的攻击对它们来说更加困难，在检测攻击时忽略了端口和源IP等有效参数，提供了昂贵的解决方案，有效地增加了CPU负载，并且检测攻击的准确性低是先前的DDoS攻击检测方法的问题。鉴于该问题的重要性，本文的目的是根据源IP和选择最优特征，采用基于∅-熵的二阶相关系数技术来提高DDoS攻击检测的准确性。为了选择最佳特征，通过对特征选择算法和搜索方法的研究，选择WrapperSubsetEval特征选择算法、BestFirst搜索方法和最佳有效特征。本研究在CTU-13和ISOT数据集上进行，并将结果与其他方法进行比较。本研究的检测精度表明，与其他类似方法相比，该方法具有较高的效率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Hybrid Mechanism to Detect DDoS Attacks in Software Defined Networks

DDoS (Distributed Denial-of-Service) attacks are among the cyberattacks that are increasing day by day and have caused problems for computer network servers. With the advent of SDN networks, they are not immune to these attacks, and due to the software-centric nature of these networks, this type of attack can be much more difficult for them, ignoring effective parameters such as port and Source IP in detecting attacks, providing costly solutions which are effective in increasing CPU load, and low accuracy in detecting attacks are of the problems of previously presented methods in detecting DDoS attacks. Given the importance of this issue,the purpose of this paper is to increase the accuracy of DDoS attack detection using the second order correlation coefficient technique based on ∅-entropy according to source IP and selection of optimal features.To select the best features, by examining the types of feature selection algorithms and search methods, the WrapperSubsetEval feature selection algorithm, the BestFirst search method, and the best effective features were selected. This study was performed on CTU-13 and ISOT datasets and the results were compared with other methods. The accuracy of the detection in this work indicates the high efficiency of the proposed approach compared to other similar methods.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Majlesi Journal of Electrical Engineering Engineering-Electrical and Electronic Engineering

CiteScore

1.20

自引率

0.00%

发文量

期刊介绍： The scope of Majlesi Journal of Electrcial Engineering (MJEE) is ranging from mathematical foundation to practical engineering design in all areas of electrical engineering. The editorial board is international and original unpublished papers are welcome from throughout the world. The journal is devoted primarily to research papers, but very high quality survey and tutorial papers are also published. There is no publication charge for the authors.