Next Article in Journal
Using a Hybrid Recommending System for Learning Videos in Flipped Classrooms and MOOCs
Previous Article in Journal
Detailed Analysis on Generating the Range Image for LiDAR Point Cloud Processing
Article

Machine Learning Approach Equipped with Neighbourhood Component Analysis for DDoS Attack Detection in Software-Defined Networking

1
Department on Information Technology, Samsun University, 55080 Samsun, Turkey
2
Faculty of Technology, Gazi University, 06500 Ankara, Turkey
3
Department of Computer Technologies, Ağrı İbrahim Çeçen University, 04000 Ağrı, Turkey
4
Department on Computer Engineering, Ostim Technical University, 06500 Ankara, Turkey
*
Author to whom correspondence should be addressed.
Academic Editors: Houbing Song and Jehad Ali
Electronics 2021, 10(11), 1227; https://doi.org/10.3390/electronics10111227
Received: 24 April 2021 / Revised: 16 May 2021 / Accepted: 19 May 2021 / Published: 21 May 2021
The Software-Defined Network (SDN) is a new network paradigm that promises more dynamic and efficiently manageable network architecture for new-generation networks. With its programmable central controller approach, network operators can easily manage and control the whole network. However, at the same time, due to its centralized structure, it is the target of many attack vectors. Distributed Denial of Service (DDoS) attacks are the most effective attack vector to the SDN. The purpose of this study is to classify the SDN traffic as normal or attack traffic using machine learning algorithms equipped with Neighbourhood Component Analysis (NCA). We handle a public “DDoS attack SDN Dataset” including a total of 23 features. The dataset consists of Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Internet Control Message Protocol (ICMP) normal and attack traffics. The dataset, including more than 100 thousand recordings, has statistical features such as byte_count, duration_sec, packet rate, and packet per flow, except for features that define source and target machines. We use the NCA algorithm to reveal the most relevant features by feature selection and perform an effective classification. After preprocessing and feature selection stages, the obtained dataset was classified by k-Nearest Neighbor (kNN), Decision Tree (DT), Artificial Neural Network (ANN), and Support Vector Machine (SVM) algorithms. The experimental results show that DT has a better accuracy rate than the other algorithms with 100% classification achievement. View Full-Text
Keywords: SDN; Distributed Denial of Service attacks; Neighbourhood Component Analysis; machine learning SDN; Distributed Denial of Service attacks; Neighbourhood Component Analysis; machine learning
Show Figures

Figure 1

MDPI and ACS Style

Tonkal, Ö.; Polat, H.; Başaran, E.; Cömert, Z.; Kocaoğlu, R. Machine Learning Approach Equipped with Neighbourhood Component Analysis for DDoS Attack Detection in Software-Defined Networking. Electronics 2021, 10, 1227. https://doi.org/10.3390/electronics10111227

AMA Style

Tonkal Ö, Polat H, Başaran E, Cömert Z, Kocaoğlu R. Machine Learning Approach Equipped with Neighbourhood Component Analysis for DDoS Attack Detection in Software-Defined Networking. Electronics. 2021; 10(11):1227. https://doi.org/10.3390/electronics10111227

Chicago/Turabian Style

Tonkal, Özgür; Polat, Hüseyin; Başaran, Erdal; Cömert, Zafer; Kocaoğlu, Ramazan. 2021. "Machine Learning Approach Equipped with Neighbourhood Component Analysis for DDoS Attack Detection in Software-Defined Networking" Electronics 10, no. 11: 1227. https://doi.org/10.3390/electronics10111227

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop