RMCARTAM For DDoS Attack Mitigation in SDN Using Machine Learning |
| |
Authors: | M. Revathi V. V. Ramalingam B. Amutha |
| |
Affiliation: | Department of Computing Technologies, SRM Institute of Science and Technology, Kattankulathur, Chennai, 603203, Tamil Nadu, India |
| |
Abstract: | The impact of a Distributed Denial of Service (DDoS) attack on Software Defined Networks (SDN) is briefly analyzed. Many approaches to detecting DDoS attacks exist, varying on the feature being considered and the method used. Still, the methods have a deficiency in the performance of detecting DDoS attacks and mitigating them. To improve the performance of SDN, an efficient Real-time Multi-Constrained Adaptive Replication and Traffic Approximation Model (RMCARTAM) is sketched in this article. The RMCARTAM considers different parameters or constraints in running different controllers responsible for handling incoming packets. The model is designed with multiple controllers to handle network traffic but can turn the controllers according to requirements. The multi-constraint adaptive replication model monitors different features of network traffic like rate of packet reception, class-based packet reception and target-specific reception. According to these features, the method estimates the Replication Turning Weight (RTW) based on which triggering controllers are performed. Similarly, the method applies Traffic Approximation (TA) in the detection of DDoS attacks. The detection of a DDoS attack is performed by approximating the incoming traffic to any service and using various features like hop count, payload, service frequency, and malformed frequency to compute various support measures on bandwidth access, data support, frequency support, malformed support, route support, and so on. Using all these support measures, the method computes the value of legitimate weight to conclude the behavior of any source in identifying the malicious node. Identified node details are used in the mitigation of DDoS attacks. The method stimulates the network performance by reducing the power factor by switching the controller according to different factors, which also reduces the cost. In the same way, the proposed model improves the accuracy of detecting DDoS attacks by estimating the features of incoming traffic in different corners. |
| |
Keywords: | DDoS SDN traffic approximation adaptive replication multi-controller support measures RTW |
|
| 点击此处可从《计算机系统科学与工程》浏览原始摘要信息 |
|
点击此处可从《计算机系统科学与工程》下载全文 |
|