SDN-based In-Band DDoS Detection Using Ensemble Learning Algorithm on IoT Edge

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

Abstract

Software-Defined Networking (SDN) has introduced ways to detect and manage potential vulnerabilities in Internet-of-Things (IoT) networks. On the IoT Edge, when the Edge servers may be vulnerable to attacks like Distributed Denial of Service (DDoS), fast feature extraction and attack detection are vital for timely mitigation. The capabilities for attack detection in SDN networks, however, are limited by the latency imposed by feature collection and extraction from the control plane. In this paper, we present a DDoS detection method by deploying programmable switches on the IoT Edge. Programmable switches can perform flexible feature collection and extraction directly in the data plane, allowing in-band feature processing. With such an in-band scheme and applying and comparing three Ensemble Learning models, the system can achieve a detection time within tens of milliseconds at an accuracy above 94% and a low False Positive Rate (FPR) of 0.002, while minimizing the impact on CPU usage.
Original languageEnglish
Title of host publicationProceedings of 25th Conference on Innovation in Clouds, Internet and Networks
PublisherIEEE
Publication date2022
Pages111-115
ISBN (Print)978-1-7281-8689-4
DOIs
Publication statusPublished - 2022
Event25th Conference on Innovation in Clouds, Internet and Networks - Paris, France
Duration: 7 Mar 202210 Mar 2022

Conference

Conference25th Conference on Innovation in Clouds, Internet and Networks
Country/TerritoryFrance
CityParis
Period07/03/202210/03/2022

Keywords

  • DDoS
  • P4
  • SDN
  • Machine Learning

Fingerprint

Dive into the research topics of 'SDN-based In-Band DDoS Detection Using Ensemble Learning Algorithm on IoT Edge'. Together they form a unique fingerprint.

Cite this