Enhanced DDoS Detection Using Advanced Machine Learning and Ensemble Techniques in Software Defined Networking  

作　　者：Hira Akhtar Butt Khoula Said Al Harthy Mumtaz Ali Shah Mudassar Hussain Rashid Amin Mujeeb Ur Rehman 

机构地区：[1]Department of Computer Science,University of Management and Technology,Sialkot,51040,Pakistan [2]Department of Computer Science and Creative Technologies,Global College of Engineering and Technology,Muscat,2546,Sultanate of Oman [3]Department of Computer Science,University of Wah,Wah Cantt,47040,Pakistan [4]Department of Computer Science and IT,University of Chakwal,Chakwal,48800,Pakistan

出　　处：《Computers, Materials & Continua》2024年第11期3003-3031,共29页计算机、材料和连续体（英文）

摘　　要：Detecting sophisticated cyberattacks,mainly Distributed Denial of Service(DDoS)attacks,with unexpected patterns remains challenging in modern networks.Traditional detection systems often struggle to mitigate such attacks in conventional and software-defined networking(SDN)environments.While Machine Learning(ML)models can distinguish between benign and malicious traffic,their limited feature scope hinders the detection of new zero-day or low-rate DDoS attacks requiring frequent retraining.In this paper,we propose a novel DDoS detection framework that combines Machine Learning(ML)and Ensemble Learning(EL)techniques to improve DDoS attack detection and mitigation in SDN environments.Our model leverages the“DDoS SDN”dataset for training and evaluation and employs a dynamic feature selection mechanism that enhances detection accuracy by focusing on the most relevant features.This adaptive approach addresses the limitations of conventional ML models and provides more accurate detection of various DDoS attack scenarios.Our proposed ensemble model introduces an additional layer of detection,increasing reliability through the innovative application of ensemble techniques.The proposed solution significantly enhances the model’s ability to identify and respond to dynamic threats in SDNs.It provides a strong foundation for proactive DDoS detection and mitigation,enhancing network defenses against evolving threats.Our comprehensive runtime analysis of Simultaneous Multi-Threading(SMT)on identical configurations shows superior accuracy and efficiency,with significantly reduced computational time,making it ideal for real-time DDoS detection in dynamic,rapidly changing SDNs.Experimental results demonstrate that our model achieves outstanding performance,outperforming traditional algorithms with 99%accuracy using Random Forest(RF)and K-Nearest Neighbors(KNN)and 98%accuracy using XGBoost.

关 键 词：Table 1(continued)OSI layer Possible DDoS attack Data link MAC Address Flooding Physical Cable disconnection JaMMING physical impersonation 

分 类 号：TP181[自动化与计算机技术—控制理论与控制工程]