NCI WEBSITE
NORMA eResearch @NCI Library

A Hybrid Approach for Detecting DDoS Attacks in Software-Defined Networks

Tools

Chandrashekhar, Phani Kumar Kalyanadurgam (2023) A Hybrid Approach for Detecting DDoS Attacks in Software-Defined Networks. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
 PDF (Master of Science)
Download (1MB) | Preview
[thumbnail of Configuration Manual]
Preview
 PDF (Configuration Manual)
Download (1MB) | Preview

Abstract

Software-Defined Networks (SDNs) have been widely used and have completely changed the way networks are managed. By separating the data plane and control plane, SDNs allow for centralized management and improved programmability. The accessibility and efficiency of networks, especially in cloud-based environments, are particularly vulnerable to Distributed Denial of Service (DDoS) assaults, which have become more common because of this advancement. This study presents a new approach to detecting and preventing distributed denial of service (DDoS) assaults in Software-Defined networks. Strengthening the network’s resistance against DDoS assaults is the goal of the suggested solution, which combines the powers of statistical analysis and machine learning techniques. With the Ryu controller and Mininet network simulator integrated with the OpenFlow SDN protocol, this method accomplishes outstanding outcomes, with a detection rate of 100 percent and an accuracy of 99.80 percent in recognizing DDoS assaults. Flow Count, Speed of Flow Entries (SFE), Ratio of Pair-Flow Entries (RPF), and Speed of IP Sources (SSIP) are some of the important aspects and metrics used to identify abnormalities in incoming network traffic. Boosted bagging approaches along with more conventional algorithms like KNN, linear regression, and decision trees, are built upon these characteristics for training and testing machine learning algorithms. This study’s novelty comes from its use of statistical and machine learning techniques to identify DDoS attacks in their entirety. The research also demonstrates how machine learning may improve the system’s capacity to distinguish between legitimate and malicious network data by understanding the start of DDoS assaults using time series analysis. This paper highlights the significance of a multi-pronged strategy in protecting networks from ever-changing cyber threats and adds a solid technique for DDoS detection based on Software-Defined networking.

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Heeney, Sean
UNSPECIFIED
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software
T Technology > T Technology (General) > Information Technology > Computer software
T Technology > T Technology (General) > Information Technology > Cloud computing
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Q Science > Q Science (General) > Self-organizing systems. Conscious automata > Machine learning
Divisions: School of Computing > Master of Science in Cloud Computing
Depositing User: Ciara O'Brien
Date Deposited: 28 Mar 2025 15:00
Last Modified: 28 Mar 2025 15:00
URI: https://norma.ncirl.ie/id/eprint/7351

Actions (login required)

View Item View Item