A DDoS Detection Method Based on Feature Engineering and Machine Learning in Software-Defined Networks.
Sensors (Basel)
; 23(13)2023 Jul 05.
Article
em En
| MEDLINE
| ID: mdl-37448025
ABSTRACT
Distributed denial-of-service (DDoS) attacks pose a significant cybersecurity threat to software-defined networks (SDNs). This paper proposes a feature-engineering- and machine-learning-based approach to detect DDoS attacks in SDNs. First, the CSE-CIC-IDS2018 dataset was cleaned and normalized, and the optimal feature subset was found using an improved binary grey wolf optimization algorithm. Next, the optimal feature subset was trained and tested in Random Forest (RF), Support Vector Machine (SVM), K-Nearest Neighbor (k-NN), Decision Tree, and XGBoost machine learning algorithms, from which the best classifier was selected for DDoS attack detection and deployed in the SDN controller. The results show that RF performs best when compared across several performance metrics (e.g., accuracy, precision, recall, F1 and AUC values). We also explore the comparison between different models and algorithms. The results show that our proposed method performed the best and can effectively detect and identify DDoS attacks in SDNs, providing a new idea and solution for the security of SDNs.
Palavras-chave
Texto completo:
1
Coleções:
01-internacional
Base de dados:
MEDLINE
Assunto principal:
Algoritmos
/
Software
Tipo de estudo:
Diagnostic_studies
/
Prognostic_studies
Idioma:
En
Revista:
Sensors (Basel)
Ano de publicação:
2023
Tipo de documento:
Article
País de afiliação:
China