Ryu Controller-based Attack Detection and Mitigation Method in Software Defined Internet of Things

Ryu Controller-based Attack Detection and Mitigation Method in Software Defined Internet of Things

  IJETT-book-cover           
  
© 2023 by IJETT Journal
Volume-71 Issue-9
Year of Publication : 2023
Author : Pinkey Chauhan, Mithilesh Atulkar
DOI : 10.14445/22315381/IJETT-V71I9P213

How to Cite?

Pinkey Chauhan, Mithilesh Atulkar, "Ryu Controller-based Attack Detection and Mitigation Method in Software Defined Internet of Things," International Journal of Engineering Trends and Technology, vol. 71, no. 9, pp. 138-156, 2023. Crossref, https://doi.org/10.14445/22315381/IJETT-V71I9P213

Abstract
The innovative areas of software-defined networks and the Internet of Things are currently receiving significant attention in the IT industry and academic circles. As a result of their popularity, they have become a target for numerous attacks in the realm of SD-IoT (Software Defined Internet of Things). The attackers may aim to either pilfer or obstruct users’ data, in addition to depleting network resources through futility, thereby frustrating legitimate user demands. The category of attacks includes a form known as Distributed Denial of Service (DDoS). In this work, a centralized attack detection and mitigation approach has been proposed. For getting the most efficient attack detection and prevention method, a number of classifiers, namely Random Forest (RF), XGB, Light Gradient Boosting Machine (LGBM), ET, GB, Support Vector Machine (SVM), K-Nearest Neighbor (KNN), NB, SVM(Linear), LR, and SVM(Poly) have been trained and tested on two controller-based datasets. Their performance has been evaluated under precision, F1, Cohen’s Kappa Coefficient (CKC), recall, accuracy, False Alarm Rate (FAR), Testing Time, and AUC value. In both datasets, it is discovered that LGBM outperforms all other classifiers, but here, the performance of LGBM on the second dataset is better than that of the first dataset, so finally, LGBM trained with the second dataset is deployed in the controller of SDN where it detects and mitigates the attack from the live traffic in SD-IoT.

Keywords
Distributed Denial of Service Attack, Ryu, Mininet, Software-defined Internet of Things, hping3, D-ITG.

References
[1] Tariq Hussain et al., “Improving Source Location Privacy in Social Internet of Things using a Hybrid Phantom Routing Technique,” Computers and Security, vol. 123, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[2] Preetinder Singh Brar et al., “Using Modified Technology Acceptance Model to Evaluate the Adoption of a Proposed IoT-Based Indoor Disaster Management Software Tool by Rescue Workers,” Sensors, vol. 22, no. 5, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[3] Huseyin Polat, Onur Polat, and Aydin Cetin, “Detecting Ddos Attacks in Software-Defined Networks through Feature Selection Methods and Machine Learning Models,” Sustainability, vol. 12, no. 3, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[4] Jian Su et al., “Redundant Rule Detection for Software-Defined Networking,” KSII Transactions on Internet and Information Systems, vol. 14, no. 6, pp. 2735–2751, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[5] Jagmeet Kaur et al., “Packet Optimization of Software Defined Network using Lion Optimization,” Computers, Materials and Continua, vol. 69, no. 2, pp. 2617–2633, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[6] Alexandru L. Stancu et al., “A Comparison between Several Software Defined Networking Controllers,” 12th International Conference on Telecommunications in Modern Satellite, Cable and Broadcasting Services, TELSIKS, pp. 223–226, 2015.
[CrossRef] [Google Scholar] [Publisher Link]
[7] Lusani Mamushiane, Albert Lysko, and Sabelo Dlamini, “A Comparative Evaluation of the Performance of Popular SDN Controllers,” IFIP Wireless Days, pp. 54–59, 2018.
[CrossRef] [Google Scholar] [Publisher Link]
[8] K. Kaur, S. Kaur, and V. Gupta, “Performance Analysis of Python-based Openflow Controllers,” IET Conference Publications, 2016.
[CrossRef] [Google Scholar] [Publisher Link]
[9] Safaa Mahrach, and Abdelkrim Haqiq, “DDoS Flooding Attack Mitigation in Software Defined Networks,” International Journal of Advanced Computer Science and Applications, vol. 11, no. 1, pp. 693–700, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[10] Nisharani Meti, D.G. Narayan, and V.P. Baligar, “Detection of Distributed Denial of Service Attacks using Machine Learning Algorithms in Software Defined Networks,” International Conference on Advances in Computing, Communications and Informatics, pp. 1366–1371, 2017.
[CrossRef] [Google Scholar] [Publisher Link]
[11] Mimi M Cherian, and Satishkumar L. Varma, “Mitigation of DDOS and MiTM Attacks using Belief Based Secure Correlation Approach in SDN-Based IoT Networks,” International Journal of Computer Network and Information Security, vol. 14, no. 1, pp. 52–68, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[12] Ranjit Panigrahi et al., “Performance Assessment of Supervised Classifiers for Designing Intrusion Detection Systems: A Comprehensive Review and Recommendations for Future Research,” Mathematics, vol. 9, no. 6, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[13] Nisha Ahuja et al., “Automated DDoS Attack Detection in Software Defined Networking,” Journal of Network and Computer Applications, vol. 187, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[14] Nagarathna Ravi, and S. Mercy Shalinie, “Learning-Driven Detection and Mitigation of DDoS Attacks in IoT via SDN-Cloud Architecture,” IEEE Internet of Things Journal, vol. 7, no. 4, pp. 3559–3570, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[15] I.Lakshmi, "Security Analysis in Internet of Things using DDoS Mechanisms," SSRG International Journal of Mobile Computing and Application, vol. 6, no. 1, pp. 19-24, 2019.
[CrossRef] [Publisher Link]
[16] Richakunal Sharma, and Nalini Kant Joshi, "Security and Privacy Problems in Cloud Computing," International Journal of Computer and Organization Trends, vol. 9, no. 4, pp. 30-39, 2019.
[Publisher Link]
[17] Afsaneh Banitalebi Dehkordi, and Mohammadreza Soltanaghaei, “A Novel Distributed Denial of Service (DDoS) Detection Method in Software Defined Networks,” IEEE Transactions on Industry Applications, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[18] Liang Tan et al., “A New Framework for DDoS Attack Detection and Defense in SDN Environment,” IEEE Access, vol. 8, pp. 161908–161919, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[19] M.V Sangeetha, and J Bhavithra, "Applying Packet Score Technique in SDN for DDoS Attack Detection," SSRG International Journal of Computer Science and Engineering, vol. 5, no. 6, pp. 20-24, 2018.
[CrossRef] [Publisher Link]
[20] Animesh Kumar, Sandip Dutta, and Prashant Pranav, "A Comparative Study of DDoS Attack in Cloud Computing Environment," SSRG International Journal of Electronics and Communication Engineering, vol. 10, no. 7, pp. 87-96, 2023.
[CrossRef] [Publisher Link]
[21] Raveendranadh Bokka, and Tamilselvan Sadasivam, "Securing IoT Networks: RPL Attack Detection with Deep Learning GRU Networks," International Journal of Recent Engineering Science, vol. 10, no. 2, pp. 13-21, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[22] Zhuo Chen et al., “XGBoost Classifier for DDoS Attack Detection and Analysis in SDN-Based Cloud,” IEEE International Conference on Big Data and Smart Computing, BigComp, pp. 251–256, 2018.
[CrossRef] [Google Scholar] [Publisher Link]
[23] Quamar Niyaz, Weiqing Sun, and Ahmad Y. Javaid, “A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN),” ICST Transactions on Security and Safety, vol. 4, no. 12, 2017.
[CrossRef] [Google Scholar] [Publisher Link]
[24] B.V. Karan, D.G. Narayan, and P.S. Hiremath, “Detection of DDoS Attacks in Software Defined Networks,” Proceedings 3rd International Conference on Computational Systems and Information Technology for Sustainable Solutions, CSITSS, pp. 265–270, 2018.
[CrossRef] [Google Scholar] [Publisher Link]
[25] Prashant Kumar et al., “SAFETY: Early Detection and Mitigation of TCP SYN Flood Utilizing Entropy in SDN,” IEEE Transactions on Network and Service Management, vol. 15, no. 4, pp. 1545–1559, 2018.
[CrossRef] [Google Scholar] [Publisher Link]
[26] K. Giotis et al., “Combining Openflow and Sflow for an Effective and Scalable Anomaly Detection and Mitigation Mechanism on SDN Environments,” Computer Networks, vol. 62, pp. 122–136, 2014.
[CrossRef] [Google Scholar] [Publisher Link]
[27] Yang Wang et al., “SGS: Safe-Guard Scheme for Protecting Control Plane Against DDoS Attacks in Software-Defined Networking,” IEEE Access, vol. 7, pp. 34699–34710, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[28] Shanshan Yu et al., “A Cooperative DDoS Attack Detection Scheme based on Entropy and Ensemble Learning in SDN,” Eurasip Journal on Wireless Communications and Networking, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[29] Jin Ye et al., “A DDoS Attack Detection Method Based on SVM in Software Defined Network,” Security and Communication Networks, 2018.
[CrossRef] [Google Scholar] [Publisher Link]
[30] Mert Özçelik, Niaz Chalabianloo, and Gürkan Gür, “Software-Defined Edge Defense Against IoT-Based DDoS,” IEEE CIT 17th IEEE International Conference on Computer and Information Technology, pp. 308–313, 2017.
[CrossRef] [Google Scholar] [Publisher Link]
[31] Kshira Sagar Sahoo et al., “An Evolutionary SVM Model for DDoS Attack Detection in Software Defined Networks,” IEEE Access, vol. 8, pp. 132502–132513, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[32] Myo Myint Oo et al., “Advanced Support Vector Machine-(ASVM-) based Detection for Distributed Denial of Service (DDoS) attack on Software Defined Networking (SDN),” Journal of Computer Networks and Communications, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[33] Muhammad Arslan Sarwar et al., “FlowJustifier: An optimized Trust-Based Request Prioritization Approach for Mitigation of SDN Controller DDoS Attacks in the IoT Paradigm,” Proceedings of the 3rd International Conference on Future Networks and Distributed Systems, pp. 1-9, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[34] Kübra Kalkan et al., “JESS: Joint Entropy-Based DDoS Defense Scheme in SDN,” IEEE Journal on Selected Areas in Communications, vol. 36, no. 10, pp. 2358–2372, 2018.
[CrossRef] [Google Scholar] [Publisher Link]
[35] Manal Abdullah et al., “Enhanced Intrusion Detection System using Feature Selection Method and Ensemble Learning Algorithms,” International Journal of Computer Science and Information Security, vol. 16, no. 2, pp. 48–55, 2018.
[Google Scholar] [Publisher Link]
[36] Meng Wang, Yiqin Lu, and Jiancheng Qin, “A Dynamic MLP-based DDoS Attack Detection Method using Feature Selection and Feedback,” Computers and Security, vol. 88, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[37] Irfan Ullah Khan et al., “A Proactive Attack Detection for Heating, Ventilation, and Air Conditioning (HVAC) System Using Explainable Extreme Gradient Boosting Model (XGBoost),” Sensors, vol. 22, no. 23, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[38] S.R. Khonde, and V. Ulagamuthalvi, “Ensemble and Feature Selection-based Intrusion Detection System for Multi-Attack Environment,” 5th International Conference on Computing, Communication and Security (ICCCS), pp. 1-8, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[39] Guolin Ke et al., “LightGBM: A Highly Efficient Gradient Boosting Decision Tree,” Advances in Neural Information Processing Systems, pp. 3147–3155, 2017.
[Google Scholar] [Publisher Link]
[40] Shi Dong, and Mudar Sarem, “DDoS Attack Detection Method Based on Improved KNN with the Degree of DDoS Attack in Software-Defined Networks,” IEEE Access, vol. 8, pp. 5039–5048, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[41] Gholamreza Farahani, “Black Hole Attack Detection Using K-Nearest Neighbor Algorithm and Reputation Calculation in Mobile Ad Hoc Networks,” Security and Communication Networks, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[42] Amit V Kachavimath, Shubhangeni Vijay Nazare, and Sheetal S Akki, “Distributed Denial of Service Attack Detection using Naïve Bayes and K-Nearest Neighbor for Network Forensics,” 2nd International Conference on Innovative Mechanisms for Industry Applications, pp. 711–717, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[43] Taqwa Ahmed Alhaj et al., “Feature Selection using Information Gain for Improved Structural-Based Alert Correlation,” PLoS ONE, vol. 11, no. 11, 2016.
[CrossRef] [Google Scholar] [Publisher Link]
[44] Pullagura Indira Priyadarsini, “ABC-BSRF: Artificial Bee Colony and Borderline-SMOTE RF Algorithm for Intrusion Detection System on Data Imbalanced Problem,” Lecture Notes on Data Engineering and Communications Technologies, vol. 56, pp. 15–29, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[45] Zhe Wang, Chenjie Cao, and Yujin Zhu, “Entropy and Confidence-Based Undersampling Boosting Random Forests for Imbalanced Problems,” IEEE Transactions on Neural Networks and Learning Systems, vol. 31, no. 12, pp. 5178–5191, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[46] Ravindra Kumar Chouhan, Mithilesh Atulkar, and Naresh Kumar Nagwani, “Performance Comparison of Ryu and Floodlight Controllers in Different SDN Topologies,” 1st International Conference on Advanced Technologies in Intelligent Control, Environment, Computing and Communication Engineering, ICATIECE, pp. 188–191, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[47] Alessio Botta, Alberto Dainotti, and Antonio Pescapé, “A Tool for the Generation of Realistic Network Workload for Emerging Networking Scenarios,” Computer Networks, vol. 56, no. 15, pp. 3531–3547, 2012.
[CrossRef] [Google Scholar] [Publisher Link]
[48] Salma Elhag et al., “A Multi-Objective Evolutionary Fuzzy System to Obtain a Broad and Accurate Set of Solutions in Intrusion Detection Systems,” Soft Computing, vol. 23, pp. 1321–1336, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[49] Faisal Hussain et al., “IoT DoS and DDoS Attack Detection using ResNet,” IEEE 23rd International Multitopic Conference, pp. 1-6, 2020.
[CrossRef] [Google Scholar] [Publisher Link]