Next Article in Journal
Circuit Implementation of a Modified Chaotic System with Hyperbolic Sine Nonlinearities Using Bi-Color LED
Previous Article in Journal
A Modular Car Body for Sustainable, Cost-Effective, and Versatile Vehicle Development
Article

An Investigation into the Application of Deep Learning in the Detection and Mitigation of DDOS Attack on SDN Controllers

Faculty of Electrical and Computer Engineering, Kwame Nkrumah University of Science and Technology, Kumasi Ghana AK-039-5028, Ghana
*
Author to whom correspondence should be addressed.
Technologies 2021, 9(1), 14; https://doi.org/10.3390/technologies9010014
Received: 17 December 2020 / Revised: 19 January 2021 / Accepted: 20 January 2021 / Published: 11 February 2021
Software-Defined Networking (SDN) is a new paradigm that revolutionizes the idea of a software-driven network through the separation of control and data planes. It addresses the problems of traditional network architecture. Nevertheless, this brilliant architecture is exposed to several security threats, e.g., the distributed denial of service (DDoS) attack, which is hard to contain in such software-based networks. The concept of a centralized controller in SDN makes it a single point of attack as well as a single point of failure. In this paper, deep learning-based models, long-short term memory (LSTM) and convolutional neural network (CNN), are investigated. It illustrates their possibility and efficiency in being used in detecting and mitigating DDoS attack. The paper focuses on TCP, UDP, and ICMP flood attacks that target the controller. The performance of the models was evaluated based on the accuracy, recall, and true negative rate. We compared the performance of the deep learning models with classical machine learning models. We further provide details on the time taken to detect and mitigate the attack. Our results show that RNN LSTM is a viable deep learning algorithm that can be applied in the detection and mitigation of DDoS in the SDN controller. Our proposed model produced an accuracy of 89.63%, which outperformed linear-based models such as SVM (86.85%) and Naive Bayes (82.61%). Although KNN, which is a linear-based model, outperformed our proposed model (achieving an accuracy of 99.4%), our proposed model provides a good trade-off between precision and recall, which makes it suitable for DDoS classification. In addition, it was realized that the split ratio of the training and testing datasets can give different results in the performance of a deep learning algorithm used in a specific work. The model achieved the best performance when a split of 70/30 was used in comparison to 80/20 and 60/40 split ratios. View Full-Text
Keywords: SDN; DDoS; machine learning; deep learning SDN; DDoS; machine learning; deep learning
Show Figures

Figure 1

MDPI and ACS Style

Gadze, J.D.; Bamfo-Asante, A.A.; Agyemang, J.O.; Nunoo-Mensah, H.; Opare, K.A.-B. An Investigation into the Application of Deep Learning in the Detection and Mitigation of DDOS Attack on SDN Controllers. Technologies 2021, 9, 14. https://doi.org/10.3390/technologies9010014

AMA Style

Gadze JD, Bamfo-Asante AA, Agyemang JO, Nunoo-Mensah H, Opare KA-B. An Investigation into the Application of Deep Learning in the Detection and Mitigation of DDOS Attack on SDN Controllers. Technologies. 2021; 9(1):14. https://doi.org/10.3390/technologies9010014

Chicago/Turabian Style

Gadze, James D., Akua A. Bamfo-Asante, Justice O. Agyemang, Henry Nunoo-Mensah, and Kwasi A.-B. Opare. 2021. "An Investigation into the Application of Deep Learning in the Detection and Mitigation of DDOS Attack on SDN Controllers" Technologies 9, no. 1: 14. https://doi.org/10.3390/technologies9010014

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop