Volume 5 , Issue 2 , PP: 08-18, 2022 | Cite this article as | XML | Html | PDF | Review Article
Khadija Shazly 1 * , Dina A. Salem 2 , Nacereddine Hammami 3 , Ahmed I. B. ElSeddawy 4
Doi: https://doi.org/10.54216/IJWAC.050201
Network security has become considerably essential because of the expansion of the internet of things (IoT) devices. One of the greatest hazards of today's networks is distributed denial of service (DDoS) attacks, which could destroy critical network services. Recently numerous IoT devices are unsuspectingly attacked by DDoS. To securely manage IoT equipment, researchers have introduced software-defined networks (SDN). This paper aims to analyze and discuss machine learning-based systems for SDN security networks from DDoS attacks. The results have indicated that the algorithms for machine learning can be used to detect DDoS attacks in SDN efficiently. From machine learning approaches, it can be explored that the best way to detect DDoS attacks is based on utilizing deep learning procedures. Moreover, analyze the methods that combine it with other machine learning techniques. The most benefits that can be achieved from using deep learning methods are the ability to do both feature extraction along with data classification; the ability to extract specific information from partial data. Nevertheless, it is appropriate to recognize the low-rate attack, and it can get more computation resources than other machine learning where it can use a graphics processing unit (GPU) rather than a central processing unit (CPU) for carrying out the matrix operations, making the processes computationally effective and fast.
IoT , Botnets , Machine Learning , Feature Selection
[1] Cviti´c, D. Perakovi´c, B. Gupta, K. K. R. Choo, Boosting-based DDoS detection in the internet of things systems. IEEE Int. Things J., 2021.
[2] Albulayhi K.; Smadi, A.A. Sheldon, F.T. Abercrombie, R.K, ―IoT Intrusion Detection Taxonomy, Reference Architecture, and Analyses. Sensors 12, 6432, 2021.
[3] Statistical Portal. Internet of Things (IoT) Connected Devices Installed Base Worldwide from 2015 to 2025 (in Billions). Available online: https://www.statista.com/statistics/471264/iotnumber- of-connected-devices-worldwide.
[4] Rose, K.; Eldridge, S.; Chapin, L. The Internet of Things: An Overview Understanding the Issues and Challenges of a More Connected World. 2015.
[5] Cisco, Cisco Visual Networking Index (VNI) global Mobile data traffic Forecast update, 2017– 2022, Cisco Systems Inc., San Jose, CA, USA, 2019.
[6] Broadcom, ―Symantec Internet Security Threat Report 2019. 24, 2020.
[7] Marzano, D. Alexander, O. Fonseca et al., ―The Evolution of Bashlite and Mirai IoT botnets. Proceedings of the IEEE Symposium on Computers and Communications, 813–818, IEEE, Natal, Brazil, 2018.
[8] Mohit kumar, ―IoT botnets found using Default Credentials for C&C server Databases. 2020,
[9] Bankinfosecurity, ―Massive botnet attack used more than 400,000 IoT devices. 20 20, https://www.bankinfosecurity.com/massivebotnet-attack-used-more-than-400000-iotdevices-a- 12841.
[10] Enigmasoftware, ―BASHLITE Malware Hits Over One Million IoT Devices. 2020, https://www.enigmasoftware.com/ bashlite-malware-hits-one-million-iot-devices/.
[11] Thingbots,―The Future of Botnets in the Internet of Things. 2020, https://securityintelligence.com/thingbots-the-futureof- botnets-in-the-internet-of-things.
[12] S. A. R. Shah and B. Issac, ―Performance comparison of intrusion detection systems and application of machine learning to Snort system .Future Generation Computer Systems, 80, 157–170, 2018.
[13] M. A. Ferrag and L. D.C. Maglaras, ―A novel deep learning and Blockchain-based Energy Exchange framework for smart Grids. IEEE Transactions on Engineering Management, 67)4), 2019.
[14] M. A. Ferrag, L. Maglaras, S. Moschoyiannis, and H. Janicke, ―Deep learning for cyber security intrusion detection: approaches, datasets, and comparative study. Journal of Information Security and Applications, 50,102419, 2020.
[15] O. Alkadi, N. Moustafa, B. Turnbull, and K. K. R. Choo, ―A deep Blockchain frameworkenabled Collaborative intrusion detection for protecting IoT and Cloud networks. IEEE Internet Things J, 8(12), 2020.
[16] M. A. Al-Garadi, A. Mohamed, A. Al-Ali, X. Du, I. Ali, and M. Guizani, ―A Survey of Machine and Deep Learning Methods for Internet of Things (IoT) Security. IEEE Communications Surveys & Tutorials, 22(3), 2018.
[17] X. Xie, D. Wu, S. Liu, and R. Li, ―IoT Data Analytics Using Deep Learning,‖ 2017, https://arxiv.org/abs/1708.03854.
[18] F. Alam, R. Mehmood, I. Katib, and A. Albeshri, ―Analysis of eight data mining algorithms for smarter internet of things (IoT). Procedia Computer Science, 98, 437–442, 2016.
[19] X. Li, P. Yi, W. Wei, Y. Jiang, Tian, and L. Lnnls-Kh, ―A feature selection method for network intrusion detection. Secur. Commun. Netw., Article ID 8830431, 22 pages, 2021.
[20] S. Yilmaz and S. Sen, ―Early detection of botnet Activities using Grammatical Evolution,‖ in Applications of Evolutionary Computation., 395–404, Springer International Publishing, Berlin/Heidelberg, Germany, 2019.
[21] M. Mazini, B. Shirazi, and I. Mahdavi, ―Anomaly network based intrusion detection system using a reliable hybrid artificial bee colony and AdaBoost algorithms. Journal of King Saud University - Computer and Information Sciences, 31(4), 541–553, 2019.
[22] Al Shorman, H. Faris, and I. Aljarah, ―Unsupervised intelligent system based on one class support vector machine and Grey Wolf optimization for IoT botnet detection. Journal of Ambient Intelligence and Humanized Computing, 11 (7), 2809–2825, 2020.
[23] K.-C. Lin, S.-Y. Chen, and J. C. Hung, ―Botnet detection using support vector machines with artificial fish Swarm algorithm. Journal of Applied Mathematics, pp. 1–9, 2014.
[24] Y. Yu, J. Long, F. Liu, and Z. Cai, ―Machine learning combining with visualization for intrusion detection: a survey. Proceedings of the International Conference on Modeling Decisions for Artificial Intelligence, 239–249, Springer, Cham, Sant Juli`a de L`oria, Andorra, September 2016.
[25] K. Shinan, K. Alsubhi, A. Alzahrani, and M. U. Ashraf, ―Machine learning-based botnet detection in software-defined network: a systematic review. Symmetry, 13 (5), 2021.
[26] M. Alauthman, N. Aslam, M. Al-kasassbeh, S. Khan, A. Al- Qerem, and K.-K. Raymond Choo, ―An efficient reinforcement learning-based Botnet detection approach. Journal of Network and Computer Applications, 150, Article ID 102479, 2020.
[27] Abu Al-Haija, Q. Top-Down Machine Learning-Based Architecture for Cyberattacks Identification and Classification in Io Communication Networks. Front. Big Data 2022.
[28] Abu Al-Haija, Q.; Al-Badawi, A. Attack-Aware IoT Network Traffic Routing Leveraging Ensemble Learning. Sensors, 22, 241, 2022.
[29] Al-Haija, Q.A.; Saleh, E.; Alnabhan, M. Detecting Port Scan Attacks Using Logistic Regression. Proceedings of the 2021 4th International Symposium on Advanced Electrical and Communication Technologies (ISAECT), Khobar, Saudi Arabia, 1-5, 2021.
[30] Tsogbaatar, E.; Bhuyan, M.H.; Taenaka, Y.; Fall, D.; Gonchigsumlaa, K.; Elmroth, E.; Kadobayashi, Y. DeL-IoT: A deep ensemble learning approach to uncover anomalies in IoT. Internet Things 2021.
[31] Rezaei, A. Using Ensemble Learning Technique for Detecting Botnet on IoT. SN Comput. Sci. 4, 2021.
[32] Tsogbaatar, E.; Bhuyan, M.H.; Taenaka, Y.; Fall, D.; Gonchigsumlaa, K.; Elmroth, E.; Kadobayashi, Y. DeL-IoT: A deep ensemble learning approach to uncover anomalies in IoT. Internet Things 2021, 14.
[33] Rezaei, A. Using Ensemble Learning Technique for Detecting Botnet on IoT. SN Comput. Sci. 4, 2021.
[34] Özçelik, M.; Chalabianloo, N.; Gür, G. Software-Defined Edge Defense against IoT-Based DDoS. Proceedings of the IEEE International Conference on Computer and Information Technology (CIT 17), Helsinki, Finland, 21–23 August 2017.
[35] Summerville, D.H.; Zach, K.M.; Chen, Y. Ultra-Lightweight Deep Packet Anomaly Detection for Internet of Things Devices. Proceedings of the 2015 IEEE 34th International Performance Computing and Communications Conference (IPCCC 15), Mamkomg, China, 14–16 December 2015.
[36] Yang, L.; Shami, A. A Lightweight Concept Drift Detection and Adaptation Framework for IoT Data Streams. IEEE Internet Things Mag. , 4, 96-101, 2021.
[37] Qaddoura, R.; Al-Zoubi, A.M.; Almomani, I.; Faris, H. A Multi-Stage Classification Approach for IoT Intrusion Detection Based on Clustering with Oversampling. Appl. Sci. 11, 2021.
[38] Shi, W.C.; Sun, H.M. DeepBot: A time-based botnet detection with deep learning. Soft. Comput. 24, 16605 16616, 2020.
[39] Nguyen, H.-T.; Ngo, Q.-D.; Le, V.-H. IoT Botnet Detection Approach Based on PSI graph and DGCNN classifier. Proceedings of the 2018 IEEE International Conference on Information Communication and Signal Processing (ICICSP), Singapore, 118-122, September 2018.
[40] McDermott, C.D.; Majdani, F.; Petrovski, A.V. Botnet Detection in the Internet of Things using Deep Learning Approaches. In Proceedings of the 2018 International Joint Conference on Neural Networks (IJCNN), Rio de Janeiro, Brazil, 1-8, 2018.
[41] Stiawan, D.; Suryani, M.E.; Susanto; Idris, M.Y.; Aldalaien, M.N.; Alsharif, N.; Budiarto, R. Ping Flood Attack Pattern Recognition Using a K-Means Algorithm in an Internet of Things (IoT) Network. IEEE Access , 9, 116475–116484, 2021.
[42] S. Khorsandroo, A. G. Sánchez, A. S. Tosun, J. M. Arco, and R. Doriguzzi-Corin, "Hybrid SDN evolution: A comprehensive survey of the state-of-the-art. Computer Networks, 192, 107981, 2021.
[43] M. Jammal, T. Singh, A. Shami, R. Asal, and Y. Li, "Software defined networking: State of the art and research challenges. Computer Networks, 72, 74-98, 2014.
[44] Bonguet and M. Bellaiche, "A survey of denial-of-service and distributed denial of service attacks and defenses in cloud computing. Future Internet, 9, 43, 2017.
[45] Chu, T. J. Holt, and G. J. Ahn, "Examining the creation, distribution, and function of malware on-line," National Institute of Justice, Washington, DC, 2010.
[46] E. C. Ogu, O. A. Ojesanmi, O. Awodele, and S. Kuyoro, "A botnets circumspection: The current threat landscape, and what we know so far. Information, 10, 337, 2019.
[47] T. Mahjabin, Y. Xiao, G. Sun, and W. Jiang, "A survey of distributed denial-of-service attack, prevention, and mitigation techniques. International Journal of Distributed Sensor Networks, 13, 1550147717741463, 2017.
[48] Sreeram and V. P. K. Vuppala, "HTTP flood attack detection in application layer using machine learning metrics and bio inspired bat algorithm. Applied computing and informatics, 15, 59-66, 2019.
[49] D. Kreutz, F. M. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, "Software-defined networking: A comprehensive survey," Proceedings of the IEEE, 103, 14-76, 2014.
[50] N. Sultana, N. Chilamkurti, W. Peng, and R. Alhadad, "Survey on SDN based network intrusion detection system using machine learning approaches," Peer-to-Peer Networking and Applications, vol. 12, pp. 493-501, 2019.
[51] B. Isyaku, M. S. Mohd Zahid, M. Bte Kamat, K. Abu Bakar, and F. A. Ghaleb, "Software defined networking flow table management of openflow switches performance and security challenges: A survey," Future Internet, vol. 12, p. 147, 2020.
[52] S. M. Mousavi and M. St-Hilaire, "Early detection of DDoS attacks against SDN controllers. Proceeding of international conference on computing, networking and communications (ICNC), 77-81, 2015.
[53] K. Shinan, K. Alsubhi, A. Alzahrani, and M. U. Ashraf, "Machine learning-based botnet detection in software-defined network: a systematic review. Symmetry, 13, 866, 2021.
[54] T. Abhiroop, S. Babu, and B. Manoj, "A machine learning approach for detecting DoS attacks in SDN switches," Proceeding of National Conference on Communications (NCC), 1-6. 2018.
[55] J. Ye, X. Cheng, J. Zhu, L. Feng, and L. Song, "A DDoS attack detection method based on SVM in software defined network. Security and Communication Networks, 2018.
[56] R. Santos, D. Souza, W. Santo, A. Ribeiro, and E. Moreno, "Machine learning algorithms to detect DDoS attacks in SDN. Concurrency and Computation: Practice and Experience, 32, e5402, 2020.
[57] M. S. Elsayed, N.-A. Le-Khac, S. Dev, and A. D. Jurcut, "Machine-learning techniques for detecting attacks in SDN," in 2019 IEEE 7th International Conference on Computer Science and Network Technology (ICCSNT), 277-281, 2019.
[58] M. Wang, Y. Lu, and J. Qin, "A dynamic MLP-based DDoS attack detection method using feature selection and feedback. Computers & Security, 88, 101645, 2020.
[59] B. Karan, D. Narayan, and P. Hiremath, "Detection of DDoS attacks in software defined networks," Proceeding of International Conference on Computational Systems and Information Technology for Sustainable Solutions (CSITSS), 265-270, 2018.
[60] Y. Liu, M. Dong, K. Ota, J. Li, and J. Wu, "Deep reinforcement learning based smart mitigation of DDoS flooding in software-defined networks," Proceeding of IEEE International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), 1-6, 2018.
[61] C. Li, Y. Wu, X. Yuan, Z. Sun, W. Wang, X. Li, et al., "Detection and defense of DDoS attack– based on deep learning in OpenFlow‐based SDN. International Journal of Communication Systems, 31, e3497, 2018.
[62] Jose, L. R. Nair, and V. Paul, "Mitigation of Distributed Denial of Service (DDoS) Attacks over Software Defined Networks (SDN) using Machine Learning and Deep Learning Techniques. International Journal of Innovative Technology and Exploring Engineering (IJITEE), 8, 2019.
[63] S. Haider, A. Akhunzada, I. Mustafa, T. B. Patel, A. Fernandez, K.-K. R. Choo, et al., "A deep CNN ensemble framework for efficient DDoS attack detection in software defined networks. IEEE Access, 8, 53972-53983, 2020.
[64] El-Kenawy, El-Sayed M., Marwa Eid, and Alshimaa H. Ismail. "A New Model for Measuring Customer Utility Trust in Online Auctions." International Journal of Computer Applications 975: 8887.
[65] El-kenawy, El-Sayed M., Hattan F. Abutarboush, Ali Wagdy Mohamed, and Abdelhameed Ibrahim. "Advance artificial intelligence technique for designing double T-shaped monopole antenna." CMC-COMPUTERS MATERIALS & CONTINUA 69, no. 3 (2021): 2983-2995.
[66] El-kenawy, El-Sayed M., Marwa M. Eid, and Abdelhameed Ibrahim. "Anemia estimation for covid-19 patients using a machine learning model." Journal of Computer Science and Information Systems 17, no. 11 (2021): 2535-1451.
[67] Ibrahim, Abdelhameed, Seyedali Mirjalili, Mohammed El-Said, Sherif SM Ghoneim, Mosleh M. Al-Harthi, Tarek F. Ibrahim, and El-Sayed M. El-Kenawy. "Wind speed ensemble forecasting based on deep learning using adaptive dynamic optimization algorithm." IEEE Access 9 (2021): 125787-125804.
[68] Mohamed Saber, Efficient Phase Recovery System. Indonesian Journal of Electrical Engineering and Computer Science, 5 (1), 123-129, 2017.
[69] Mohamed Saber, A novel design and Implementation of FBMC transceiver for low power applications. Indonesian Journal of Electrical Engineering and Informatics, 8(1), 83-93, 2020.
