SDN环境下针对DDoS攻击检测的优化随机森林

IF 3.7 3区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Cloud Computing-Advances Systems and Applications Pub Date : 2023-07-01 DOI:10.1109/CSCloud-EdgeCom58631.2023.00021

Zhaohui Ma, Jie Zhang, Mingdong Tang

{"title":"SDN环境下针对DDoS攻击检测的优化随机森林","authors":"Zhaohui Ma, Jie Zhang, Mingdong Tang","doi":"10.1109/CSCloud-EdgeCom58631.2023.00021","DOIUrl":null,"url":null,"abstract":"Software Defined Network (SDN) is a new type of network architecture that realizes network virtualization, with the characteristics of the control and forwarding separation, open programming, centralized control, and its flexibility is more suitable for the current complex and changeable network environment. However, due to its centralized control characteristics, the controller is faced with a huge risk of being subjected to distributed denial of service (DDoS) attacks that will cause the entire network to be paralyzed. Therefore, the detection of DDoS attacks in SDN networks has become the research direction of many scholars. so an algorithm for detecting DDoS attacks in SDN networks using optimizing RFs is proposed. By selecting the appropriate traffic features, creating the traffic dataset in the SDN environment, and using the dataset to optimize the model parameters, the attack detection model is constructed, and the final detection algorithm is as accurate as 99.98% for the collected dataset, which is more accurate and efficient than the common machine learning algorithms such as SVC and KNN.","PeriodicalId":56007,"journal":{"name":"Journal of Cloud Computing-Advances Systems and Applications","volume":"14 1","pages":"72-77"},"PeriodicalIF":3.7000,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Optimized Random Forest for DDoS Attack Detection in SDN Environment\",\"authors\":\"Zhaohui Ma, Jie Zhang, Mingdong Tang\",\"doi\":\"10.1109/CSCloud-EdgeCom58631.2023.00021\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software Defined Network (SDN) is a new type of network architecture that realizes network virtualization, with the characteristics of the control and forwarding separation, open programming, centralized control, and its flexibility is more suitable for the current complex and changeable network environment. However, due to its centralized control characteristics, the controller is faced with a huge risk of being subjected to distributed denial of service (DDoS) attacks that will cause the entire network to be paralyzed. Therefore, the detection of DDoS attacks in SDN networks has become the research direction of many scholars. so an algorithm for detecting DDoS attacks in SDN networks using optimizing RFs is proposed. By selecting the appropriate traffic features, creating the traffic dataset in the SDN environment, and using the dataset to optimize the model parameters, the attack detection model is constructed, and the final detection algorithm is as accurate as 99.98% for the collected dataset, which is more accurate and efficient than the common machine learning algorithms such as SVC and KNN.\",\"PeriodicalId\":56007,\"journal\":{\"name\":\"Journal of Cloud Computing-Advances Systems and Applications\",\"volume\":\"14 1\",\"pages\":\"72-77\"},\"PeriodicalIF\":3.7000,\"publicationDate\":\"2023-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Cloud Computing-Advances Systems and Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1109/CSCloud-EdgeCom58631.2023.00021\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cloud Computing-Advances Systems and Applications","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1109/CSCloud-EdgeCom58631.2023.00021","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

软件定义网络(Software Defined Network, SDN)是一种实现网络虚拟化的新型网络架构，具有控制与转发分离、开放编程、集中控制等特点，其灵活性更适合当前复杂多变的网络环境。然而，由于其集中控制的特点，控制器面临着遭受分布式拒绝服务攻击的巨大风险，这将导致整个网络瘫痪。因此，SDN网络中DDoS攻击的检测成为众多学者的研究方向。为此，提出了一种基于优化RFs的SDN网络DDoS攻击检测算法。通过选择合适的流量特征，在SDN环境下创建流量数据集，并利用数据集对模型参数进行优化，构建攻击检测模型，最终对采集到的数据集检测算法准确率高达99.98%，比常用的SVC、KNN等机器学习算法准确率更高、效率更高。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Optimized Random Forest for DDoS Attack Detection in SDN Environment

Software Defined Network (SDN) is a new type of network architecture that realizes network virtualization, with the characteristics of the control and forwarding separation, open programming, centralized control, and its flexibility is more suitable for the current complex and changeable network environment. However, due to its centralized control characteristics, the controller is faced with a huge risk of being subjected to distributed denial of service (DDoS) attacks that will cause the entire network to be paralyzed. Therefore, the detection of DDoS attacks in SDN networks has become the research direction of many scholars. so an algorithm for detecting DDoS attacks in SDN networks using optimizing RFs is proposed. By selecting the appropriate traffic features, creating the traffic dataset in the SDN environment, and using the dataset to optimize the model parameters, the attack detection model is constructed, and the final detection algorithm is as accurate as 99.98% for the collected dataset, which is more accurate and efficient than the common machine learning algorithms such as SVC and KNN.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Cloud Computing-Advances Systems and Applications Computer Science-Computer Networks and Communications

CiteScore

6.80

自引率

7.50%

发文量

审稿时长

75 days

期刊介绍： The Journal of Cloud Computing: Advances, Systems and Applications (JoCCASA) will publish research articles on all aspects of Cloud Computing. Principally, articles will address topics that are core to Cloud Computing, focusing on the Cloud applications, the Cloud systems, and the advances that will lead to the Clouds of the future. Comprehensive review and survey articles that offer up new insights, and lay the foundations for further exploratory and experimental work, are also relevant.