Dec 05, 2023 News!Vol.12, No.4 has been published with online version. [Click]
Jan 04, 2024 News!IJFCC will adopt Article-by-Article Work Flow
Sep 05, 2023 News!Vol.12, No.3 has been published with online version. [Click]

General Information

ISSN: 2010-3751 (Print)
Frequency: Quarterly
DOI: 10.18178/IJFCC
Editor-in-Chief: Prof. Pascal Lorenz
Executive Editor: Ms. Yoyo Y. Zhou
Abstracting/ Indexing: Crossref, Electronic Journals Library, INSPEC(IET), Google Scholar, EBSCO, etc.
E-mail: ijfcc@ejournal.net

Editor-in-chief

Prof. Pascal Lorenz

University of Haute Alsace, France

It is my honor to be the editor-in-chief of IJFCC. The journal publishes good papers in the field of future computer and communication. Hopefully, IJFCC will become a recognized journal among the readers in the filed of future computer and communication.

HOME > Archive > 2023 > Volume 12 Number 2 (June 2023) >

IJFCC 2023 Vol.12(2): 27-36
DOI: 10.18178/ijfcc.2023.12.2.600

A Cooperative Detection of DDoS Attacks Based on CNN-BiLSTM in SDN

Hongwei Zhou

Abstract—In view of the problem that detecting DDoS attack traffic in traditional SDN depends on the controller continuously collecting traffic and running the detection model, resulting in excessive controller overhead, low detection efficiency, increased traffic forwarding delay, and easy to cause "single point of failure", a cooperative detection method of DDoS attack in SDN based on information entropy and deep learning is proposed, which divides part of the detection task into the data plane for detection based on information entropy and uses the improved CNN-BiLSTM model to detect DDoS attack traffic on control plane. The experimental results show that, compared with the SVC-RF method in recent years, the accuracy of the proposed CNN-BiLSTM model is increased by 0.74%, the detection rate is increased by 1.42%, and the false alarm rate is reduced by 1.5%. Compared with the BiLSTM model, the accuracy is increased by 0.75%, the detection rate is increased by 0.64%, and the false alarm rate is reduced by 1.14%. Compared with the RF method, the accuracy is increased by 2.34%, the detection rate is increased by 3.88%, and the false alarm rate is reduced by 4%. Compared with the traditional single point detection method which only depends on the controller, the proposed switch-controller cooperative detection method reduces the CPU occupancy of the controller by about 12% and the detection time by about 13 seconds.

Index Terms—Anomaly detection, distributed denial of service attacks, deep learning, software defined network

Hongwei Zhou is with School of computer Science of Guangdong University of Technology, Guangzhou, China. E-mail: 434895488@qq.com (H.W.Z.)

[PDF]

Cite: Hongwei Zhou, "A Cooperative Detection of DDoS Attacks Based on CNN-BiLSTM in SDN," International Journal of Future Computer and Communication vol. 12, no. 2, pp. 27-36, 2023.

Copyright © 2023 by the authors. This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0)

PREVIOUS PAPER

Stability of Price Prediction Rule for High-Frequency Trading

NEXT PAPER

The Diverse Technology of MANETs: A Survey of Applications and Challenges

2012

2013

2014

2015

2016

2017

2018

2019

2020

2021

2022

2023

2024

A Cooperative Detection of DDoS Attacks Based on CNN-BiLSTM in SDN