Article: Tree derived feature importance and Bayesian optimisation for improved multi-class classification of DDoS attacks in software defined networks Journal: International Journal of Information and Computer Security (IJICS) 2023 Vol.22 No.2 pp.139 - 166 Abstract: Software defined networking (SDN) is an emerging networking paradigm which mitigates the inadequacies of traditional networks. The centralised controller in SDN allows for the global view of network as well as for controlling the network operations from a single point. Like the traditional networks, SDN is also prone to network vulnerabilities. Intrusion detection based on machine learning techniques is effectively used in traditional networks and have found promising results. The research in security of SDN is in its early stages and researchers from academia and industry are working for this cause. In this paper, machine learning-based intrusion detection is attempted for multi-class classification of distributed denial of service (DDoS) attacks in a SDN environment. The feature importance derived from tree-based classifiers has been used for the feature selection to reduce the feature space which in turn reduces the time and space complexities. Hyperparameter tuning with TPE driven Bayesian optimisation (BO) has also been used for performance enhancement of the classifier. This multistage machine learning model achieves DDoS detection accuracy of 99.87%. The experimental evaluation is performed with SDN DDoS dataset and the results have been tabulated. Inderscience Publishers - linking academia, business and industry through research

Title: Tree derived feature importance and Bayesian optimisation for improved multi-class classification of DDoS attacks in software defined networks

Authors: Ancy Sherin Jose; Latha R. Nair; Varghese Paul

Addresses: Division of Computer Science and Engineering, Cochin University of Science and Technology, Kochi, India ' Division of Computer Science and Engineering, Cochin University of Science and Technology, Kochi, India ' Department of Computer Science and Engineering, Rajagiri School of Engineering and Technology, Kochi, India

Abstract: Software defined networking (SDN) is an emerging networking paradigm which mitigates the inadequacies of traditional networks. The centralised controller in SDN allows for the global view of network as well as for controlling the network operations from a single point. Like the traditional networks, SDN is also prone to network vulnerabilities. Intrusion detection based on machine learning techniques is effectively used in traditional networks and have found promising results. The research in security of SDN is in its early stages and researchers from academia and industry are working for this cause. In this paper, machine learning-based intrusion detection is attempted for multi-class classification of distributed denial of service (DDoS) attacks in a SDN environment. The feature importance derived from tree-based classifiers has been used for the feature selection to reduce the feature space which in turn reduces the time and space complexities. Hyperparameter tuning with TPE driven Bayesian optimisation (BO) has also been used for performance enhancement of the classifier. This multistage machine learning model achieves DDoS detection accuracy of 99.87%. The experimental evaluation is performed with SDN DDoS dataset and the results have been tabulated.

Keywords: software defined networking; SDN; DDoS attack detection; machine learning; ML; multi-class classification; Bayesian optimisation; feature importance.

DOI: 10.1504/IJICS.2023.134962

International Journal of Information and Computer Security, 2023 Vol.22 No.2, pp.139 - 166

Received: 10 Oct 2021
Accepted: 14 Feb 2022
Published online: 22 Nov 2023 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: Tree derived feature importance and Bayesian optimisation for improved multi-class classification of DDoS attacks in software defined networks

Keep up-to-date