IDEAS home Printed from https://ideas.repec.org/a/gam/jsusta/v13y2021i3p1522-d491171.html
   My bibliography  Save this article

Entropy Based Features Distribution for Anti-DDoS Model in SDN

Author

Listed:
  • Raja Majid Ali Ujjan

    (School of Computing, Engineering and Physical Sciences, University of the West of Scotland, Paisley PA1 2BE, UK)

  • Zeeshan Pervez

    (School of Computing, Engineering and Physical Sciences, University of the West of Scotland, Paisley PA1 2BE, UK)

  • Keshav Dahal

    (School of Computing, Engineering and Physical Sciences, University of the West of Scotland, Paisley PA1 2BE, UK)

  • Wajahat Ali Khan

    (College of Engineering and Technology, University of Derby, Derby DE22 3AW, UK)

  • Asad Masood Khattak

    (College of Technological Innovation, Zayed University, P.O. Box 144534, Abu Dhabi, United Arab Emirates)

  • Bashir Hayat

    (Institute of Management Sciences, Peshawar 54600, Pakistan)

Abstract

In modern network infrastructure, Distributed Denial of Service (DDoS) attacks are considered as severe network security threats. For conventional network security tools it is extremely difficult to distinguish between the higher traffic volume of a DDoS attack and large number of legitimate users accessing a targeted network service or a resource. Although these attacks have been widely studied, there are few works which collect and analyse truly representative characteristics of DDoS traffic. The current research mostly focuses on DDoS detection and mitigation with predefined DDoS data-sets which are often hard to generalise for various network services and legitimate users’ traffic patterns. In order to deal with considerably large DDoS traffic flow in a Software Defined Networking (SDN), in this work we proposed a fast and an effective entropy-based DDoS detection. We deployed generalised entropy calculation by combining Shannon and Renyi entropy to identify distributed features of DDoS traffic—it also helped SDN controller to effectively deal with heavy malicious traffic. To lower down the network traffic overhead, we collected data-plane traffic with signature-based Snort detection. We then analysed the collected traffic for entropy-based features to improve the detection accuracy of deep learning models: Stacked Auto Encoder (SAE) and Convolutional Neural Network (CNN). This work also investigated the trade-off between SAE and CNN classifiers by using accuracy and false-positive results. Quantitative results demonstrated SAE achieved relatively higher detection accuracy of 94% with only 6% of false-positive alerts, whereas the CNN classifier achieved an average accuracy of 93%.

Suggested Citation

  • Raja Majid Ali Ujjan & Zeeshan Pervez & Keshav Dahal & Wajahat Ali Khan & Asad Masood Khattak & Bashir Hayat, 2021. "Entropy Based Features Distribution for Anti-DDoS Model in SDN," Sustainability, MDPI, vol. 13(3), pages 1-27, February.
    • Handle: RePEc:gam:jsusta:v:13:y:2021:i:3:p:1522-:d:491171
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2071-1050/13/3/1522/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/2071-1050/13/3/1522/
    Download Restriction: no
    ---><---

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Mazhar Javed Awan & Umar Farooq & Hafiz Muhammad Aqeel Babar & Awais Yasin & Haitham Nobanee & Muzammil Hussain & Owais Hakeem & Azlan Mohd Zain, 2021. "Real-Time DDoS Attack Detection System Using Big Data Approach," Sustainability, MDPI, vol. 13(19), pages 1-19, September.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jsusta:v:13:y:2021:i:3:p:1522-:d:491171. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.