1
Faculty of Computer and Information, Mansoura University, Egypt
(khadijashazly@students.mans.edu.eg )
2
Misr University for Science and Technology (MUST) Faculty of Engineering Department of computer and software engineering, Egypt
(dena.salem@gmail.com)
3
Computer Engineering Department, College of Engineering and Computer Sciences, Mustaqbal University, Buraydah 52547, Saudi Arabia
(nshammami-t@uom.edu.sa)
4
Arab Academy for Science and Technology and Maritime Transport, Egypt
(ahmed.bahgat@aast.edu)
Abstract :
Network security has become considerably essential because of the expansion of the internet of things (IoT) devices. One of the greatest hazards of today's networks is distributed denial of service (DDoS) attacks, which could destroy critical network services. Recently numerous IoT devices are unsuspectingly attacked by DDoS. To securely manage IoT equipment, researchers have introduced software-defined networks (SDN). This paper aims to analyze and discuss machine learning-based systems for SDN security networks from DDoS attacks. The results have indicated that the algorithms for machine learning can be used to detect DDoS attacks in SDN efficiently. From machine learning approaches, it can be explored that the best way to detect DDoS attacks is based on utilizing deep learning procedures. Moreover, analyze the methods that combine it with other machine learning techniques. The most benefits that can be achieved from using deep learning methods are the ability to do both feature extraction along with data classification; the ability to extract specific information from partial data. Nevertheless, it is appropriate to recognize the low-rate attack, and it can get more computation resources than other machine learning where it can use a graphics processing unit (GPU) rather than a central processing unit (CPU) for carrying out the matrix operations, making the processes computationally effective and fast.
Keywords :
IoT; Botnets; Machine Learning; Feature Selection
References :
[1] I. Cviti´c, D. Perakovi´c, B. Gupta, K. K. R. Choo, Boosting-based DDoS detection in the
internet of things systems. IEEE Int. Things J., 2021.
[2] Albulayhi K.; Smadi, A.A. Sheldon, F.T. Abercrombie, R.K, ―IoT Intrusion Detection
Taxonomy, Reference Architecture, and Analyses. Sensors 12, 6432, 2021.
[3] Statistical Portal. Internet of Things (IoT) Connected Devices Installed Base Worldwide from
2015 to 2025 (in Billions). Available online: https://www.statista.com/statistics/471264/iotnumber-
of-connected-devices-worldwide.
[4] Rose, K.; Eldridge, S.; Chapin, L. The Internet of Things: An Overview Understanding the
Issues and Challenges of a More Connected World. 2015.
[5] Cisco, Cisco Visual Networking Index (VNI) global Mobile data traffic Forecast update, 2017–
2022, Cisco Systems Inc., San Jose, CA, USA, 2019.
[6] Broadcom, ―Symantec Internet Security Threat Report 2019. 24, 2020.
[7] A. Marzano, D. Alexander, O. Fonseca et al., ―The Evolution of Bashlite and Mirai IoT botnets.
Proceedings of the IEEE Symposium on Computers and Communications, 813–818, IEEE,
Natal, Brazil, 2018.
[8] Mohit kumar, ―IoT botnets found using Default Credentials for C&C server Databases. 2020,
[9] Bankinfosecurity, ―Massive botnet attack used more than 400,000 IoT devices. 2020,
https://www.bankinfosecurity.com/massivebotnet-attack-used-more-than-400000-iotdevices-a-
12841.
[10] Enigmasoftware, ―BASHLITE Malware Hits Over One Million IoT Devices. 2020,
https://www.enigmasoftware.com/ bashlite-malware-hits-one-million-iot-devices/.
[11] Thingbots,―The Future of Botnets in the Internet of Things. 2020,
https://securityintelligence.com/thingbots-the-futureof- botnets-in-the-internet-of-things.
[12] S. A. R. Shah and B. Issac, ―Performance comparison of intrusion detection systems and
application of machine learning to Snort system .Future Generation Computer Systems, 80,
157–170, 2018.
[13] M. A. Ferrag and L. D.C. Maglaras, ―A novel deep learning and Blockchain-based Energy
Exchange framework for smart Grids. IEEE Transactions on Engineering Management, 67)4),
2019.
[14] M. A. Ferrag, L. Maglaras, S. Moschoyiannis, and H. Janicke, ―Deep learning for cyber security
intrusion detection: approaches, datasets, and comparative study. Journal of Information Security
and Applications, 50,102419, 2020.
[15] O. Alkadi, N. Moustafa, B. Turnbull, and K. K. R. Choo, ―A deep Blockchain frameworkenabled
Collaborative intrusion detection for protecting IoT and Cloud networks. IEEE Internet
Things J, 8(12), 2020.
[16] M. A. Al-Garadi, A. Mohamed, A. Al-Ali, X. Du, I. Ali, and M. Guizani, ―A Survey of Machine
and Deep Learning Methods for Internet of Things (IoT) Security. IEEE Communications
Surveys & Tutorials, 22(3), 2018.
[17] X. Xie, D. Wu, S. Liu, and R. Li, ―IoT Data Analytics Using Deep Learning,‖ 2017,
https://arxiv.org/abs/1708.03854.
[18] F. Alam, R. Mehmood, I. Katib, and A. Albeshri, ―Analysis of eight data mining algorithms for
smarter internet of things (IoT). Procedia Computer Science, 98, 437–442, 2016.
[19] X. Li, P. Yi, W. Wei, Y. Jiang, Tian, and L. Lnnls-Kh, ―A feature selection method for network
intrusion detection. Secur. Commun. Netw., Article ID 8830431, 22 pages, 2021.
[20] S. Yilmaz and S. Sen, ―Early detection of botnet Activities using Grammatical Evolution,‖ in
Applications of Evolutionary Computation., 395–404, Springer International Publishing,
Berlin/Heidelberg, Germany, 2019.
[21] M. Mazini, B. Shirazi, and I. Mahdavi, ―Anomaly network based intrusion detection system
using a reliable hybrid artificial bee colony and AdaBoost algorithms. Journal of King Saud
University - Computer and Information Sciences, 31(4), 541–553, 2019.
[22] A. Al Shorman, H. Faris, and I. Aljarah, ―Unsupervised intelligent system based on one class
support vector machine and Grey Wolf optimization for IoT botnet detection. Journal of
Ambient Intelligence and Humanized Computing, 11 (7), 2809–2825, 2020.
[23] K.-C. Lin, S.-Y. Chen, and J. C. Hung, ―Botnet detection using support vector machines with
artificial fish Swarm algorithm. Journal of Applied Mathematics, pp. 1–9, 2014.
[24] Y. Yu, J. Long, F. Liu, and Z. Cai, ―Machine learning combining with visualization for intrusion
detection: a survey. Proceedings of the International Conference on Modeling Decisions for
Artificial Intelligence, 239–249, Springer, Cham, Sant Juli`a de L`oria, Andorra, September
2016.
[25] K. Shinan, K. Alsubhi, A. Alzahrani, and M. U. Ashraf, ―Machine learning-based botnet
detection in software-defined network: a systematic review. Symmetry, 13 (5), 2021.
[26] M. Alauthman, N. Aslam, M. Al-kasassbeh, S. Khan, A. Al- Qerem, and K.-K. Raymond Choo,
―An efficient reinforcement learning-based Botnet detection approach. Journal of Network and
Computer Applications, 150, Article ID 102479, 2020.
[27] Abu Al-Haija, Q. Top-Down Machine Learning-Based Architecture for Cyberattacks
Identification and Classification in Io Communication Networks. Front. Big Data 2022.
[28] Abu Al-Haija, Q.; Al-Badawi, A. Attack-Aware IoT Network Traffic Routing Leveraging
Ensemble Learning. Sensors, 22, 241, 2022.
[29] Al-Haija, Q.A.; Saleh, E.; Alnabhan, M. Detecting Port Scan Attacks Using Logistic Regression.
Proceedings of the 2021 4th International Symposium on Advanced Electrical and
Communication Technologies (ISAECT), Khobar, Saudi Arabia, 1-5, 2021.
[30] Tsogbaatar, E.; Bhuyan, M.H.; Taenaka, Y.; Fall, D.; Gonchigsumlaa, K.; Elmroth, E.;
Kadobayashi, Y. DeL-IoT: A deep ensemble learning approach to uncover anomalies in IoT.
Internet Things 2021.
[31] Rezaei, A. Using Ensemble Learning Technique for Detecting Botnet on IoT. SN Comput. Sci.
4, 2021.
[32] Tsogbaatar, E.; Bhuyan, M.H.; Taenaka, Y.; Fall, D.; Gonchigsumlaa, K.; Elmroth, E.;
Kadobayashi, Y. DeL-IoT: A deep ensemble learning approach to uncover anomalies in IoT.
Internet Things 2021, 14.
[33] Rezaei, A. Using Ensemble Learning Technique for Detecting Botnet on IoT. SN Comput. Sci.
4, 2021.
[34] Özçelik, M.; Chalabianloo, N.; Gür, G. Software-Defined Edge Defense against IoT-Based
DDoS. Proceedings of the IEEE International Conference on Computer and Information
Technology (CIT 17), Helsinki, Finland, 21–23 August 2017.
[35] Summerville, D.H.; Zach, K.M.; Chen, Y. Ultra-Lightweight Deep Packet Anomaly Detection
for Internet of Things Devices. Proceedings of the 2015 IEEE 34th International Performance
Computing and Communications Conference (IPCCC 15), Mamkomg, China, 14–16 December
2015.
[36] Yang, L.; Shami, A. A Lightweight Concept Drift Detection and Adaptation Framework for IoT
Data Streams. IEEE Internet Things Mag. , 4, 96-101, 2021.
[37] Qaddoura, R.; Al-Zoubi, A.M.; Almomani, I.; Faris, H. A Multi-Stage Classification Approach
for IoT Intrusion Detection Based on Clustering with Oversampling. Appl. Sci. 11, 2021.
[38] Shi, W.C.; Sun, H.M. DeepBot: A time-based botnet detection with deep learning. Soft.
Comput. 24, 16605-16616, 2020.
[39] Nguyen, H.-T.; Ngo, Q.-D.; Le, V.-H. IoT Botnet Detection Approach Based on PSI graph and
DGCNN classifier. Proceedings of the 2018 IEEE International Conference on Information
Communication and Signal Processing (ICICSP), Singapore, 118-122, September 2018.
[40] McDermott, C.D.; Majdani, F.; Petrovski, A.V. Botnet Detection in the Internet of Things using
Deep Learning Approaches. In Proceedings of the 2018 International Joint Conference on Neural
Networks (IJCNN), Rio de Janeiro, Brazil, 1-8, 2018.
[41] Stiawan, D.; Suryani, M.E.; Susanto; Idris, M.Y.; Aldalaien, M.N.; Alsharif, N.; Budiarto, R.
Ping Flood Attack Pattern Recognition Using a K-Means Algorithm in an Internet of Things
(IoT) Network. IEEE Access , 9, 116475–116484, 2021.
[42] S. Khorsandroo, A. G. Sánchez, A. S. Tosun, J. M. Arco, and R. Doriguzzi-Corin, "Hybrid SDN
evolution: A comprehensive survey of the state-of-the-art. Computer Networks, 192, 107981,
2021.
[43] M. Jammal, T. Singh, A. Shami, R. Asal, and Y. Li, "Software defined networking: State of the
art and research challenges. Computer Networks, 72, 74-98, 2014.
[44] A. Bonguet and M. Bellaiche, "A survey of denial-of-service and distributed denial of service
attacks and defenses in cloud computing. Future Internet, 9, 43, 2017.
[45] B. Chu, T. J. Holt, and G. J. Ahn, "Examining the creation, distribution, and function of
malware on-line," National Institute of Justice, Washington, DC, 2010.
[46] E. C. Ogu, O. A. Ojesanmi, O. Awodele, and S. Kuyoro, "A botnets circumspection: The
current threat landscape, and what we know so far. Information, 10, 337, 2019.
[47] T. Mahjabin, Y. Xiao, G. Sun, and W. Jiang, "A survey of distributed denial-of-service attack,
prevention, and mitigation techniques. International Journal of Distributed Sensor Networks, 13,
1550147717741463, 2017.
[48] I. Sreeram and V. P. K. Vuppala, "HTTP flood attack detection in application layer using
machine learning metrics and bio inspired bat algorithm. Applied computing and informatics, 15,
59-66, 2019.
[49] D. Kreutz, F. M. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig,
"Software-defined networking: A comprehensive survey," Proceedings of the IEEE, 103, 14-76,
2014.
[50] N. Sultana, N. Chilamkurti, W. Peng, and R. Alhadad, "Survey on SDN based network intrusion
detection system using machine learning approaches," Peer-to-Peer Networking and
Applications, vol. 12, pp. 493-501, 2019.
[51] B. Isyaku, M. S. Mohd Zahid, M. Bte Kamat, K. Abu Bakar, and F. A. Ghaleb, "Software
defined networking flow table management of openflow switches performance and security
challenges: A survey," Future Internet, vol. 12, p. 147, 2020.
[52] S. M. Mousavi and M. St-Hilaire, "Early detection of DDoS attacks against SDN controllers.
Proceeding of international conference on computing, networking and communications (ICNC),
77-81, 2015.
[53] K. Shinan, K. Alsubhi, A. Alzahrani, and M. U. Ashraf, "Machine learning-based botnet
detection in software-defined network: a systematic review. Symmetry, 13, 866, 2021.
[54] T. Abhiroop, S. Babu, and B. Manoj, "A machine learning approach for detecting DoS attacks
in SDN switches," Proceeding of National Conference on Communications (NCC), 1-6. 2018.
[55] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, "A DDoS attack detection method based on
SVM in software defined network. Security and Communication Networks, 2018.
[56] R. Santos, D. Souza, W. Santo, A. Ribeiro, and E. Moreno, "Machine learning algorithms to
detect DDoS attacks in SDN. Concurrency and Computation: Practice and Experience, 32,
e5402, 2020.
[57] M. S. Elsayed, N.-A. Le-Khac, S. Dev, and A. D. Jurcut, "Machine-learning techniques for
detecting attacks in SDN," in 2019 IEEE 7th International Conference on Computer Science and
Network Technology (ICCSNT), 277-281, 2019.
[58] M. Wang, Y. Lu, and J. Qin, "A dynamic MLP-based DDoS attack detection method using
feature selection and feedback. Computers & Security, 88, 101645, 2020.
[59] B. Karan, D. Narayan, and P. Hiremath, "Detection of DDoS attacks in software defined
networks," Proceeding of International Conference on Computational Systems and Information
Technology for Sustainable Solutions (CSITSS), 265-270, 2018.
[60] Y. Liu, M. Dong, K. Ota, J. Li, and J. Wu, "Deep reinforcement learning based smart mitigation
of DDoS flooding in software-defined networks," Proceeding of IEEE International Workshop
on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD),
1-6, 2018.
[61] C. Li, Y. Wu, X. Yuan, Z. Sun, W. Wang, X. Li, et al., "Detection and defense of DDoS attack–
based on deep learning in OpenFlow‐based SDN. International Journal of Communication
Systems, 31, e3497, 2018.
[62] A. Jose, L. R. Nair, and V. Paul, "Mitigation of Distributed Denial of Service (DDoS) Attacks
over Software Defined Networks (SDN) using Machine Learning and Deep Learning
Techniques. International Journal of Innovative Technology and Exploring Engineering
(IJITEE), 8, 2019.
[63] S. Haider, A. Akhunzada, I. Mustafa, T. B. Patel, A. Fernandez, K.-K. R. Choo, et al., "A deep
CNN ensemble framework for efficient DDoS attack detection in software defined networks.
IEEE Access, 8, 53972-53983, 2020.
[64] El-Kenawy, El-Sayed M., Marwa Eid, and Alshimaa H. Ismail. "A New Model for Measuring
Customer Utility Trust in Online Auctions." International Journal of Computer Applications 975:
8887.
[65] El-kenawy, El-Sayed M., Hattan F. Abutarboush, Ali Wagdy Mohamed, and Abdelhameed
Ibrahim. "Advance artificial intelligence technique for designing double T-shaped monopole
antenna." CMC-COMPUTERS MATERIALS & CONTINUA 69, no. 3 (2021): 2983-2995.
[66] El-kenawy, El-Sayed M., Marwa M. Eid, and Abdelhameed Ibrahim. "Anemia estimation for
covid-19 patients using a machine learning model." Journal of Computer Science and
Information Systems 17, no. 11 (2021): 2535-1451.
[67] Ibrahim, Abdelhameed, Seyedali Mirjalili, Mohammed El-Said, Sherif SM Ghoneim, Mosleh M.
Al-Harthi, Tarek F. Ibrahim, and El-Sayed M. El-Kenawy. "Wind speed ensemble forecasting
based on deep learning using adaptive dynamic optimization algorithm." IEEE Access 9 (2021):
125787-125804.
[68] Mohamed Saber, Efficient Phase Recovery System. Indonesian Journal of Electrical Engineering
and Computer Science, 5 (1), 123-129, 2017.
[69] Mohamed Saber, A novel design and Implementation of FBMC transceiver for low power
applications. Indonesian Journal of Electrical Engineering and Informatics, 8(1), 83-93, 2020.
| Style | # |
|---|---|
| MLA | Khadija Shazly, Dina A. Salem, Nacereddine Hammami, Ahmed I. B. ElSeddawy. "A Review on Distributed Denial of Service Detection in Software Defined Network." International Journal of Wireless and Ad Hoc Communication, Vol. 5, No. 2, 2022 ,PP. 08-18 (Doi : https://doi.org/10.54216/IJWAC.050201) |
| APA | Khadija Shazly, Dina A. Salem, Nacereddine Hammami, Ahmed I. B. ElSeddawy. (2022). A Review on Distributed Denial of Service Detection in Software Defined Network. Journal of International Journal of Wireless and Ad Hoc Communication, 5 ( 2 ), 08-18 (Doi : https://doi.org/10.54216/IJWAC.050201) |
| Chicago | Khadija Shazly, Dina A. Salem, Nacereddine Hammami, Ahmed I. B. ElSeddawy. "A Review on Distributed Denial of Service Detection in Software Defined Network." Journal of International Journal of Wireless and Ad Hoc Communication, 5 no. 2 (2022): 08-18 (Doi : https://doi.org/10.54216/IJWAC.050201) |
| Harvard | Khadija Shazly, Dina A. Salem, Nacereddine Hammami, Ahmed I. B. ElSeddawy. (2022). A Review on Distributed Denial of Service Detection in Software Defined Network. Journal of International Journal of Wireless and Ad Hoc Communication, 5 ( 2 ), 08-18 (Doi : https://doi.org/10.54216/IJWAC.050201) |
| Vancouver | Khadija Shazly, Dina A. Salem, Nacereddine Hammami, Ahmed I. B. ElSeddawy. A Review on Distributed Denial of Service Detection in Software Defined Network. Journal of International Journal of Wireless and Ad Hoc Communication, (2022); 5 ( 2 ): 08-18 (Doi : https://doi.org/10.54216/IJWAC.050201) |
| IEEE | Khadija Shazly, Dina A. Salem, Nacereddine Hammami, Ahmed I. B. ElSeddawy, A Review on Distributed Denial of Service Detection in Software Defined Network, Journal of International Journal of Wireless and Ad Hoc Communication, Vol. 5 , No. 2 , (2022) : 08-18 (Doi : https://doi.org/10.54216/IJWAC.050201) |