A Novel Approach for Distributed Denial of service defense using continuous wavelet transform and convolutional neural network for software-defined network

Fadaei Fouladi, Ramin; Ermis, Orhan; Anarim, Emin
Computers and Security, 27 October 2021, N°102524, Elsevier

Software-Defined Networks (SDNs) have emerged particularly for medium and large scale networks since they introduce agility and flexibility with the help of centralized network management by abstracting control plane from data forwarding plane. Although this centralized architecture provides various advantages in terms of effortlessly managing and optimizing network resources, this makes SDN vulnerable to conventional distributed denial of service (DDoS) attacks by making the network inoperable due to the overloaded network traffic. To address the vulnerability, in this work, we propose a detection and countermeasure scheme based on continuous wavelet transform (CWT) and convolutional neural network (CNN). The scheme uses features obtained from CWT as the input for the CNN classifier to differentiate attack samples from the normal ones. Our experimental results show that the proposed scheme achieves high detection rate against DNS amplification, NTP and TCP-SYN flood attacks with a remarkably low false alarm rate.


DOI
Type:
Journal
Date:
2021-10-27
Department:
Sécurité numérique
Eurecom Ref:
6724
Copyright:
© Elsevier. Personal use of this material is permitted. The definitive version of this paper was published in Computers and Security, 27 October 2021, N°102524, Elsevier and is available at : https://doi.org/10.1016/j.cose.2021.102524
See also:

PERMALINK : https://www.eurecom.fr/publication/6724