LRDDoS Attack Detection on SD-IoT Using Random Forest with Logistic Regression Coefficient
Abstract
Software-Defined Internet of Things (SD-IoT) is currently developed extensively. The Software-Defined Network (SDN) architecture allows Internet of Things (IoT) networks to separate control and data delivery areas into different abstraction layers. However, Low-Rate Distributed Denial of Service (LRDDoS) attacks are a significant problem in SD-IoT networks because they can overwhelm centralized control systems or controllers. Therefore, a system is needed to identify and detect these attacks comprehensively. This paper built an LRDDoS detection system using the Random Forest (RF) algorithm as the classification method. The dataset used during the experiment was considered a new dataset schema with 21 features. The dataset was selected using feature importance - logistic regression to increase the classification accuracy results and reduce the computational burden of the controller during the attack prediction process. The results of the RF classification with the LRDDoS packet delivery speed of 200 packets per second (PPS) had the highest accuracy of 98.7%. The greater the delivery rates of the attack pattern, the increased accuracy results.
Downloads
References
J. Bhayo, S. Hameed, and S. A. Shah, “An Efficient Counter-Based DDoS Attack Detection Framework Leveraging Software Defined IoT (SD-IoT),” IEEE Access, vol. 8, 2020.
https://doi.org/10.1109/ACCESS.2020.3043082
G. Liu, W. Quan, N. Cheng, H. Zhang, and S. Yu, “Efficient DDoS attacks mitigation for stateful forwarding in Internet of Things,” J. Netw. Comput. Appl., vol. 130, no. January, pp. 1–13, 2019.
https://doi.org/10.1016/j.jnca.2019.01.006
F. S. Dantas Silva, E. Silva, E. P. Neto, M. Lemos, A. J. Venancio Neto, and F. Esposito, “A taxonomy of DDoS attack mitigation approaches featured by SDN technologies in IoT scenarios,” Sensors (Switzerland), vol. 20, no. 11, pp. 1–28, 2020.
https://doi.org/10.3390/s20113078
D. Yin, L. Zhang, and K. Yang, “A DDoS Attack Detection and Mitigation with Software-Defined Internet of Things Framework,” IEEE Access, vol. 6, no. Mcc, pp. 24694–24705, 2018.
https://doi.org/10.1109/ACCESS.2018.2831284
F. A. Fernandes Silveira, F. Lima-Filho, F. S. Dantas Silva, A. De Medeiros Brito Junior, and L. F. Silveira, “Smart Detection-IoT: A DDoS Sensor System for Internet of Things,” Int. Conf. Syst. Signals, Image Process., vol. 2020-July, pp. 343–348, 2020.
https://doi.org/10.1109/IWSSIP48289.2020.9145265
J. Wang, Y. Liu, W. Su, and H. Feng, “A DDoS attack detection based on deep learning in software-defined Internet of things,” IEEE Veh. Technol. Conf., vol. 2020-November, 2020.
https://doi.org/10.1109/VTC2020-Fall49728.2020.9348652
N. N. Tuan, P. H. Hung, N. D. Nghia, N. Van Tho, T. Van Phan, and N. H. Thanh, “A DDoS attack mitigation scheme in ISP networks using machine learning based on SDN,” Electron., vol. 9, no. 3, pp. 1–19, 2020.
https://doi.org/10.3390/electronics9030413
K. K. Karmakar, V. Varadharajan, S. Nepal, and U. Tupakula, “SDN-Enabled Secure IoT Architecture,” IEEE Internet Things J., vol. 8, no. 8, pp. 6549–6564, 2021.
https://doi.org/10.1109/JIOT.2020.3043740
Y. W. Chen, J. P. Sheu, Y. C. Kuo, and N. Van Cuong, “Design and implementation of IoT DDoS attacks detection system based on machine learning,” 2020 Eur. Conf. Networks Commun. EuCNC 2020, pp. 122–127, 2020.
https://doi.org/10.1109/EuCNC48522.2020.9200909
M. Fajar Sidiq, Akbari Basuki, and D. Rosiyadi, “MiTE: Program Penyunting Topologi Jaringan untuk Pembelajaran SDN,” J. RESTI (Rekayasa Sist. dan Teknol. Informasi), vol. 4, no. 5, pp. 970–977, 2020.
https://doi.org/10.29207/resti.v4i5.2473
V. Deepa, K. M. Sudar, and P. Deepalakshmi, “Design of Ensemble Learning Methods for DDoS Detection in SDN Environment,” Proc. - Int. Conf. Vis. Towar. Emerg. Trends Commun. Networking, ViTECoN 2019, pp. 1–6, 2019.
https://doi.org/10.1109/ViTECoN.2019.8899682
S. Dong and M. Sarem, “DDoS Attack Detection Method Based on Improved KNN with the Degree of DDoS Attack in Software-Defined Networks,” IEEE Access, vol. 8, pp. 5039–5048, 2020.
https://doi.org/10.1109/ACCESS.2019.2963077
J. Cui, J. Zhang, J. He, H. Zhong, and Y. Lu, “DDoS detection and defense mechanism for SDN controllers with K-Means,” Proc. - 2020 IEEE/ACM 13th Int. Conf. Util. Cloud Comput. UCC 2020, pp. 394–401, 2020.
https://doi.org/10.1109/UCC48980.2020.00062
W. Zhijun, X. Qing, W. Jingjie, Y. Meng, and L. Liang, “Low-Rate DDoS Attack Detection Based on Factorization Machine in Software Defined Network,” IEEE Access, vol. 8, pp. 17404–17418, 2020.
https://doi.org/10.1109/ACCESS.2020.2967478
M. Baskar, J. Ramkumar, C. Karthikeyan, V. Anbarasu, A. Balaji, and T. S. Arulananth, “Low rate DDoS mitigation using real-time multi threshold traffic monitoring system,” J. Ambient Intell. Humaniz. Comput., no. 0123456789, 2021.
https://doi.org/10.1007/s12652-020-02744-y
F. Sumadi and C. Aditya, “Machine learning in openflow network: Comparative analysis of ddos detection techniques,” Int. Arab J. Inf. Technol., vol. 18, no. 2, pp. 221–226, 2020.
https://doi.org/10.34028/IAJIT/18/2/11
H. Cheng, J. Liu, T. Xu, B. Ren, J. Mao, and W. Zhang, “Machine learning based low-rate DDoS attack detection for SDN enabled IoT networks,” Int. J. Sens. Networks, vol. 34, no. 1, pp. 56–69, 2020.
https://doi.org/10.1504/ijsnet.2020.109720
K. S. Sahoo et al., "An Evolutionary SVM Model for DDOS Attack Detection in Software Defined Networks," IEEE Access, vol. 8, pp. 132502-132513, 2020.
https://doi.org/10.1109/ACCESS.2020.3009733
V. Deepa, K. M. Sudar, and P. Deepalakshmi, "Detection of DDoS Attack on SDN Control plane using Hybrid Machine Learning Techniques," in 2018 International Conference on Smart Systems and Inventive Technology (ICSSIT), 2018, pp. 299-303.
https://doi.org/10.1109/ICSSIT.2018.8748836
B. Nugraha and R. N. Murthy, "Deep Learning-based Slow DDoS Attack Detection in SDN-based Networks," in 2020 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN), 2020, pp. 51-56.
https://doi.org/10.1109/NFV-SDN50289.2020.9289894
D. Y. Setiawan, S. N. Hertiana, and R. M. Negara, “6LoWPAN Performance Analysis of IoT Software-Defined-Network-Based Using Mininet-IoT,” IoTaIS 2020 - Proc. 2020 IEEE Int. Conf. Internet Things Intell. Syst., pp. 60–65, 2021.
https://doi.org/10.1109/IoTaIS50849.2021.9359714
H. E. Wahanani, M. Idhom, and E. P. Mandyartha, “Equal cost multipath ryu controller analysis in software-defined networking,” Proceeding - 6th Inf. Technol. Int. Semin. ITIS 2020, pp. 115–118, 2020.
https://doi.org/10.1109/ITIS50118.2020.9321069
X. Huang, Y. Tang, Z. Shao, Y. Yang, and H. Xu, “Joint Switch-Controller Association and Control Devolution for SDN Systems: An Integrated Online Perspective of Control and Learning,” IEEE Trans. Netw. Serv. Manag., vol. 18, no. 1, pp. 315–330, 2021.
https://doi.org/10.1109/TNSM.2020.3044674
F. Hussain, S. G. Abbas, U. U. Fayyaz, G. A. Shah, A. Toqeer, and A. Ali, “Towards a Universal Features Set for IoT Botnet Attacks Detection,” Proc. - 2020 23rd IEEE Int. Multi-Topic Conf. INMIC 2020, 2020.
https://doi.org/10.1109/INMIC50486.2020.9318106
G. Zheng, X. Xu, and J. Yan, “SD-CRF: A DoS Attack Detection Method for SDN,” Int. Conf. Commun. Technol. Proceedings, ICCT, vol. 2020-October, pp. 1116–1120, 2020.
https://doi.org/10.1109/ICCT50939.2020.9295801
S. Arvind and V. A. Narayanan, “An Overview of Security in CoAP: Attack and Analysis,” 2019 5th Int. Conf. Adv. Comput. Commun. Syst. ICACCS 2019, pp. 655–660, 2019.
https://doi.org/10.1109/ICACCS.2019.8728533
Sumadi, Fauzi (2022), “Low Rate DDoS (MQTT)”, Mendeley Data, V1.
https://doi.org/10.17632/bzf9jcvhx4.1
Z. Li, W. Xing, S. Khamaiseh, and D. Xu, “Detecting Saturation Attacks Based on Self-Similarity of OpenFlow Traffic,” IEEE Trans. Netw. Serv. Manag., vol. 17, no. 1, pp. 607–621, 2020.
https://doi.org/10.1109/TNSM.2019.2959268
N. Ahuja, G. Singal, D. Mukhopadhyay, and N. Kumar, “Automated DDOS attack detection in software defined networking,” J. Netw. Comput. Appl., vol. 187, no. May, p. 103108, 2021.
https://doi.org/10.1016/j.jnca.2021.103108
A. S. Soma, T. Kubota, and H. Mizuno, “Optimization of causative factors using logistic regression and artificial neural network models for landslide susceptibility assessment in Ujung Loe Watershed, South Sulawesi Indonesia,” J. Mt. Sci., vol. 16, no. 2, pp. 383–401, 2019.
https://doi.org/10.1007/s11629-018-4884-7
H. M. Rizeei, B. Pradhan, M. A. Saharkhiz, and S. Lee, “Groundwater aquifer potential modeling using an ensemble multi-adoptive boosting logistic regression technique,” J. Hydrol., vol. 579, no. September, p. 124172, 2019.
https://doi.org/10.1016/j.jhydrol.2019.124172
A. M. D. Tello and M. Abolhasan, “SDN Controllers Scalability and Performance Study,” 2019, 13th Int. Conf. Signal Process. Commun. Syst. ICSPCS 2019 - Proc., 2019. https://doi.org/10.1109/ICSPCS47537.2019.9008462
W. Ma, J. Beltran, D. Pan, and N. Pissinou, “Placing Traffic-Changing and Partially-Ordered NFV Middleboxes via SDN,” IEEE Trans. Netw. Serv. Manag., vol. 16, no. 4, pp. 1303–1317, 2019.
https://doi.org/10.1109/TNSM.2019.2946347
R. Santos, D. Souza, W. Santo, A. Ribeiro, and E. Moreno, “Machine learning algorithms to detect DDoS attacks in SDN,” Concurr. Comput. Pract. Exp., vol. 32, no. 16, pp. 1–14, 2020.
https://doi.org/10.1002/cpe.5402
Naveen Bindra and Manu Sood, “Detecting DDoS Attacks Using Machine Learning Techniques and Contemporary Intrusion Detection Dataset,” Autom. Control Comput. Sci., vol. 53, no. 5, pp. 419–428, 2019.
https://doi.org/10.3103/S0146411619050043
M. Saarela and S. Jauhiainen, “Comparison of feature importance measures as explanations for classification models,” SN Appl. Sci., vol. 3, no. 2, pp. 1–12, 2021.
https://doi.org/10.1007/s42452-021-04148-9
H. M. Noman and M. N. Jasim, "POX Controller and Open Flow Performance Evaluation in Software Defined Networks (SDN) Using Mininet Emulator," IOP Conference Series: Materials Science and Engineering, vol. 881, no. 1, p. 012102, 2020/07/01 2020.
Copyright (c) 2022 Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi)
This work is licensed under a Creative Commons Attribution 4.0 International License.
Copyright in each article belongs to the author
- The author acknowledges that the RESTI Journal (System Engineering and Information Technology) is the first publisher to publish with a license Creative Commons Attribution 4.0 International License.
- Authors can enter writing separately, arrange the non-exclusive distribution of manuscripts that have been published in this journal into other versions (eg sent to the author's institutional repository, publication in a book, etc.), by acknowledging that the manuscript has been published for the first time in the RESTI (Rekayasa Sistem dan Teknologi Informasi) journal ;