Monica Murlidhar Jagtap,Renuka Devi Saravanan

DOI: https://doi.org/10.1002/ett.4594

IF: 3.6

2022-07-21

Transactions on Emerging Telecommunications Technologies

Abstract:Software defined networking (SDN) is the next generation network. SDN enhances the programming flexibility, speed and automation to improve the network's performance. SDN has several advantages, but one limitation is the control plane's single point of failure (SPF). The control plane is the management controller of the SDN. On the failure of it, the network collapses. In SDN, the SPF problem is raised by distributed denial of services (DDoS) attacks. Thus, the proposed approach introduces a novel intrusion detection and prevention system (IDPS) using recurrent neural network (RNN). The deep learning custom developed RNN model based on long short‐term memory (LSTM), and graded rated unit (GRU) is termed "Block‐Attack" model. The result analysis of the proposed method is based on the data set from CICDDoS2019. The dataset is clustered as a preprocessing stage using the K‐medoid technique, which reduces the model's sensitivity to low density. In the first stage of the experiment, a support vector machine (SVM)‐based machine learning (SVM‐ML) technique is used to defend against DDoS in a Mininet‐based emulation. In the second stage of the experiment, LSTM and GRU deep learning (DL) techniques are used to define the block‐attack model. The results show that the block‐attack method detects and prevents DDoS attacks with an accuracy of 98.5%, the accuracy of the SVM‐based method is 95.5%. Software defined networking (SDN) is the next‐generation network. SDN enhances the programming flexibility, speed and automation to improve the network's performance. In recent times SDN has played a vital role in networking technology. It communicates with underlying hardware infrastructure and directs traffic on a network. The most complicated issue in SDN is the control plane's single point of failure (SPF). The main reason for raising the SPF problem in SDN by distributed denial of service (DDoS) attacks. The network collapses during failures in SDN, and the control plane is considered a management controller. Therefore, a novel intrusion detection and prevention system (IDPS) is proposed in the proposed approach to address SDN's problems mentioned above. In the proposed approach, a long short term memory (LSTM) and graded rated unit (GRU) deep learning model is proposed as the "Block‐Attack" model. The main objective of using LSTM and GRU in the proposed approach is to enhance the rate of accuracy in detecting DDoS attacks in an SDN environment. The CICDDoS2019 dataset is used for experimental result analysis in the proposed approach. Initially, the dataset is fed into the preprocessing stage. Using the K‐medoid technique, raw datasets are preprocessed to reduce the model's sensitivity to low density. In the proposed approach, the support vector machine based machine learning (SVM‐ML) technique is utilized to prevent DDoS attacks in a Mininet‐based emulation. Then, LSTM and GRU deep learning (DL) techniques are used to define the block‐attack model to enhance the detection performance. The experimental results of the proposed approach "Block‐Attack" model attain 98.5% of accuracy to detect and prevent the DDoS attacks and 95.5% of accuracy for SVM based method.

telecommunications