Brunel University Research Archive(BURA) preserves and enables easy and open access to all
types of digital content. It showcases Brunel's research outputs.
Research contained within BURA is open access, although some publications may be subject
to publisher imposed embargoes. All awarded PhD theses are also archived on BURA.
Please use this identifier to cite or link to this item:
http://bura.brunel.ac.uk/handle/2438/27702| Title: | Optimized Artificial Intelligence Model for DDoS Detection in SDN Environment |
| Authors: | Al-Dunainawi, Y Al-Kaseem, BR Al-Raweshidy, HS |
| Keywords: | artificial intelligence;distributed denial of service;hyperparameters tuning;mininet;optimized model;Ryu controller;software defined networking;NSGA-II |
| Issue Date: | 25-Sep-2023 |
| Publisher: | IEEE |
| Citation: | Al-Dunainawi, Y., Al-Kaseem, B.R. and Al-Raweshidy, H.S. (2023) 'Optimized Artificial Intelligence Model for DDoS Detection in SDN Environment', IEEE Access, 11, pp. 106733 - 106748. doi: 10.1109/ACCESS.2023.3319214. |
| Abstract: | © Copyright 2023 The Authors. Distributed denial of service (DDoS) attacks continue to be a major security concern, threatening the availability and reliability of network services. Software-defined networking (SDN) has emerged as a promising solution to address this issue, enabling centralized network control and management. However, conventional SDN-based DDoS mitigation techniques often struggle to detect and mitigate sophisticated attacks due to their limited ability to analyze complex traffic patterns. This paper proposes an innovative and optimized approach that effectively combines mininet, Ryu controller, and one dimensional-convolutional neural network (1D-CNN) to detect and mitigate DDoS attacks in SDN environments. The proposed approach involves training the 1D-CNN model with labeled network traffic data to effectively identify abnormal patterns associated with DDoS attacks. Furthermore, seven hyperparameters of the trained 1D-CNN model were tuned using non-dominated sorting genetic algorithm II (NSGA-II) to achieve the best accuracy with minimum training time. Once the optimized 1D-CNN model detects an attack, the Ryu controller dynamically adapts the network policies and employs appropriate mitigation techniques to protect the network infrastructure. To evaluate the effectiveness of the optimized 1D-CNN model, extensive experiments were conducted using a simulated SDN environment with a realistic DDoS attack dataset. The experimental results demonstrate that the developed approach achieves significantly improved detection accuracy of 99.99% compared to other machine learning (ML) models. The NSGA-II enhances the optimized model accuracy with an improvement rate of 9.5%, 8%, 5.4%, and 2.6% when it is compared to logistic regression (LR), random forest (RF), support vector machine (SVM), and k-nearest neighbor (KNN) optimized models respectively. This research paves the way for future developments in leveraging deep learning (DL) driven techniques and SDN architectures to address evolving cybersecurity challenges. |
| URI: | https://bura.brunel.ac.uk/handle/2438/27702 |
| DOI: | https://doi.org/10.1109/ACCESS.2023.3319214 |
| Other Identifiers: | ORCID iD: Yousif Al-Dunainawi https://orcid.org/0000-0003-1293-3345 ORCID iD: Bilal R. Al-Kaseem https://orcid.org/0000-0001-8264-6339 ORCID iD: Hamed Al-Raweshidy https://orcid.org/0000-0002-3702-8192 |
| Appears in Collections: | Dept of Electronic and Electrical Engineering Research Papers |
Files in This Item:
| File | Description | Size | Format | |
|---|---|---|---|---|
| FullText.pdf | © Copyright 2023 The Authors. This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/ | 3.84 MB | Adobe PDF | View/Open |
This item is licensed under a Creative Commons License
