Authors: Zhaohui Ma; Bohong Li
Addresses: School of Computer Science, South China Normal University, Guangzhou 510006, China; School of Information Science and Technology, Guangdong University of Foreign Studies, Guangzhou 510420, China ' Volgenau School of Engineering, George Mason University, 4400 University Dr, Fairfax, VA 22030, USA
Abstract: This paper presents a detection method for DDoS attack in SDN based on K-nearest neighbour (KNN) algorithm and support vector machine (SVM) algorithm. This method makes use of the characteristics of SDN centralised control, collects flow characteristic information efficiently, classifies the flow, screens out the attack flow, and determines whether the system is attacked or not. Experiments show that the resource consumption rate of this model is only 11% when detecting DDOS attack. Meanwhile, the accuracy rate exceeded 99%.
Keywords: software defined network; SDN; controller; detecting method; DDoS attack; K-nearest neighbour; KNN; support vector machine; SVM.
International Journal of Computational Science and Engineering, 2020 Vol.23 No.3, pp.224 - 234
Received: 15 Feb 2020
Accepted: 21 Apr 2020
Published online: 24 Nov 2020 *