Recent Advancements in Intrusion Detection in Software Defined Network Security

Authors

  • Shridhar R Sharma  Associate Professor, Department of Electronics , J M Patel College, Bhandara, , Maharashtra, India
  • V. Mohan  Research Scholar, CHLR (Computer Science), SP College, Chandrapur, Maharashtra, India
  • B K Madhavi  HOD, Department of Computer Science and Engineering Department, NMR Engineering College, Hyderabad, India
  • S B Kishor  HOD, Department of Computer Science, SP College, Chandrapur, Maharashtra, India

DOI:

https://doi.org/10.32628/IJSRST22913

Keywords:

Software Defined Networking, Bayesian Networks, Wavelets, Support Vector Machines, DDoS

Abstract

In recent years, Software Defined Networking (SDN) has enabled total control over the network's data flow. SDN acts as a centralised point of administration for data and traffic management. Due to the fact that SDN is an open source software, it is more vulnerable to security concerns. Security policies must also be adhered to, since this would expose the controller to the greatest attacks. DDOS and DOS assaults are more prevalent in SDN controllers. DDOS is a damaging assault that disrupts the usual flow of communication and initiates an overflow of flooded packets, thereby shutting down the system. Machine Learning approaches assist in identifying the network's hidden and unexpected patterns, hence aiding in the analysis of the network's flow. All classified and unclassified approaches can assist in detecting hostile flows depending on specific factors such as packet flow, time length, precision, and accuracy rate. To identify DDOS assaults, researchers employed Bayesian Networks, Wavelets, Support Vector Machines, and KNN. According to the review, KNN offers superior results due to its increased accuracy and reduced false positive rate for detection. We explore the various strategies used in DDoS detection and examine new improvements in intrusion detection in software defined networks in this article.

References

  1. Y. Jarraya, T. Madi, and M. Debbabi, “A survey and a layered taxonomy of software-defined networking,” IEEE communications surveys & tutorials, vol. 16, no. 4, pp. 1955–1980,2014.
  2. K. S. Sahoo, S. Mohanty, M. Tiwary, B. K. Mishra, and B. Sahoo, “A comprehensive tutorial on software defined network: The driving force for the future internet technology,”in Proceedings of the International Conference on Advances in Information CommunicationTechnology&Computing.ACM,2016,p.114.
  3. P.Maiti,J.Shukla,B.Sahoo,and A. K.Turuk,“Qos-awarefognodesplacement,”in20184thInternationalConference on Recent Advances in Information Technology (RAIT). IEEE, 2018, pp.1–6.
  4. “Mathematical modeling of qos-aware fog computing architecture for iot services,”in Emerging Technologies in Data Mining and Information Security. Springer, 2019, pp.13–21.
  5. M. Tiwary, D. Puthal, K. S. Sahoo, B. Sahoo, and L. T. Yang, “Response time optimization for cloudlets in mobile edge computing,” Journal ofParallel and Distributed Computing, vol. 119, pp. 81–91,2018.
  6. K. S. Sahoo, D. Puthal, M. Tiwary, J. J. Rodrigues, B. Sahoo, and R. Dash, “An early detection of low rate ddos attack to sdn based data center networks using information distance metrics,” Future Generation Computer Systems, vol. 89, pp. 685–697,2018.
  7. K. Sahoo, K. S. Sahoo, and M. Tiwary, “Signature based malware detection for unstructured data in hadoop,” in Advances in Electronics, Computers and Communications (ICAECC), 2014 International Conference on. IEEE, 2014, pp.1–6.
  8. Z. A. Qazi, J. Lee, T. Jin, G. Bellala, M. Arndt, and G. Noubir, “Application-awareness in sdn,” in ACM SIGCOMM computer communication review, vol. 43, no. 4. ACM, 2013, pp.487–488.
  9. R. Braga, E. Mota, and A. Passito, “Lightweight ddos flooding attack detection using nox/openflow,” in Local Computer Networks (LCN),2010 IEEE 35th Conference on. IEEE, 2010, pp.408–415.
  10. Y. Zhang, “An adaptive flow counting method for anomaly detection in sdn,” in Proceedings of the ninth ACM conference on Emergingnetworking experiments and technologies. ACM, 2013, pp.25–30.
  11. S. T. Ali, V. Sivaraman, A. Radford, and S. Jha, “A survey of securing networks using software defined networking.” IEEE Trans. Reliability, vol. 64, no. 3, pp. 1086–1097,2015.
  12. K.Giotis, C. Argyropoulos, G. And roulidakis, D. Kalo geras and V.Maglaris,“Combining open flow and flow for an effective and scalableanomaly detection and mitigation mechanism on sdn environments,” Computer Networks, vol. 62, pp. 122–136,2014.
  13. R. Kokila, S. T. Selvi, and K. Govinda rajan, “Ddos detection and analysis in sdn-based environment using support vector machine classifier,”in Advanced Computing (ICoAC), 2014 Sixth International Conference on. IEEE, 2014, pp.205–210.
  14. R. Miao, M. Yu, and N. Jain, “Nimbus: cloud-scale attack detection and mitigation,” in Acmsigcomm computer communication review, vol. 44, no. 4. ACM, 2014, pp.121–122.
  15. Y. Cui, L. Yan, S. Li, H. Xing, W. Pan, J. Zhu, and X. Zheng, “Sd-anti ddos: Fast and efficient ddos defense in software-defined networks,” Journal of Network and Computer Applications, vol. 68, pp. 65–79,2016.
  16. J. Ashraf and S. Latif, “Handling intrusion and ddos attacks in software defined networks using machine learning techniques,” in Software Engineering Conference (NSEC), 2014 National. IEEE, 2014, pp.55–60.
  17. K. S. Sahoo, M. Tiwary, and B. Sahoo, “Detection of highrated dos attack from flash events using information metrics in software defined networks,” in Communication Systems & Networks (COMSNETS), 2018 10th International Conference on. IEEE, 2018, pp. 421–424.
  18. S. S. Keerthi, S. K. Shevade, C. Bhattacharyya, and K. R. Murthy, “A fast iterative nearest point algorithm for support vector machine classifier design,” IEEE transactions on neural networks, vol. 11, no. 1, pp. 124–136,2000.
  19. L. Breiman, “Random forests,” Machine learning, vol. 45, no. 1, pp. 532, 2001.
  20. M. Alka sassbeh, G. Al-Naymat, A. Hassanat, and M. Almseid in, “Detecting distributed denial of service attacks using data mining techniques,” International Journal of Advanced Computer Science and Applications, vol. 7, no. 1, 2016.

International Journal of Scientific Research in Science and Technology

Downloads

Published

2022-02-28

Issue

Volume 9, Issue 1, January-February-2022

Section

Research Articles

License

Copyright (c) IJSRST

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Shridhar R Sharma, V. Mohan, B K Madhavi, S B Kishor "Recent Advancements in Intrusion Detection in Software Defined Network Security" International Journal of Scientific Research in Science and Technology(IJSRST), Online ISSN : 2395-602X, Print ISSN : 2395-6011,Volume 9, Issue 1, pp.35-42, January-February-2022. Available at doi : https://doi.org/10.32628/IJSRST22913