Printed from https://ideas.repec.org/a/gam/jftint/v14y2022i6p164-d825757.html

The Robustness of Detecting Known and Unknown DDoS Saturation Attacks in SDN via the Integration of Supervised and Semi-Supervised Classifiers

Author

Listed:
  • Samer Khamaiseh

    (Department of Computer Science and Software Engineering, Miami University, Oxford, OH 45056, USA
    These authors contributed equally to this work.)

  • Abdullah Al-Alaj

    (Department of Computer Science, Virginia Wesleyan University, Virginia Beach, VA 23455, USA
    These authors contributed equally to this work.)

  • Mohammad Adnan

    (Department of Computer Information Systems, Yarmouk University, Irbid 21163, Jordan)

  • Hakam W. Alomari

    (Department of Computer Science and Software Engineering, Miami University, Oxford, OH 45056, USA)

Abstract

The design of existing machine-learning-based DoS detection systems in software-defined networking (SDN) suffers from two major problems. First, the proper time window for conducting network traffic analysis is unknown and has proven challenging to determine. Second, these systems are unable to detect unknown types of DoS saturation attacks. An unknown saturation attack is an attack that is not represented in the training data. In this paper, we evaluate three supervised classifiers for detecting a family of DDoS flooding attacks (UDP, TCP-SYN, IP-Spoofing, TCP-SARFU, and ICMP) and their combinations using different time windows. This work is an extension of the paper ‘Detecting Saturation Attacks in SDN via Machine Learning’, a runner-up for the best-paper award, published in the 2019 4th International Conference on Computing, Communications and Security (ICCCS). The results in this paper show that the trained supervised models fail to detect unknown saturation attacks, and that their overall detection performance decreases when the time window of the network traffic increases. Moreover, we investigate the performance of four semi-supervised classifiers in detecting unknown flooding attacks. The results indicate that semi-supervised classifiers outperform the supervised classifiers in the detection of unknown flooding attacks. Furthermore, to increase the possibility of detecting both known and unknown flooding attacks, we propose an enhanced hybrid approach that combines two supervised and semi-supervised classifiers. The results demonstrate that the hybrid approach outperforms individual supervised or semi-supervised classifiers in detecting known and unknown flooding DoS attacks in SDN.

Suggested Citation

  • Samer Khamaiseh & Abdullah Al-Alaj & Mohammad Adnan & Hakam W. Alomari, 2022. "The Robustness of Detecting Known and Unknown DDoS Saturation Attacks in SDN via the Integration of Supervised and Semi-Supervised Classifiers," Future Internet, MDPI, vol. 14(6), pages 1-20, May.
  • Handle: RePEc:gam:jftint:v:14:y:2022:i:6:p:164-:d:825757

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/14/6/164/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/1999-5903/14/6/164/
    Download Restriction: no