Abstract
In a cloud computing environment, the Distributed Denial of Service (DDoS) attack is considered as the crucial issue that needs to be addressed in ensuring the availability of resources that emerge due to the compromisation of hosts. The process of detecting and preventing DDoS attacks is determined to be predominant when the potential benefits of decoupling data plane from the control plane are facilitated through the Software Defined Networking (SDN) in the cloud environment. The incorporation of SDN in DDoS mitigation also enhances the probability of investigating the data traffic flow using the reactive process of updating forwarding rules, analyzing the network with a global view and centralized control in monitoring for better DDoS mitigation enforcement. In this paper, a Convolution Recursively Enhanced Self Organizing Map and Software Defined Networking-based Mitigation Scheme (CRESOM-SDNMS) is proposed for ensuring the better rate of detection during the process of preventing DDoS attacks in clouds. This proposed CRESOM-SDNMS facilitates a predominant option in resolving the issue of vector quantization with enhanced topology preservation and the superior initialization mechanism during the process of SOM-based categorization of flooded data traffic flows into genuine and malicious. The simulation experiments and results of the proposed CRESOM-SDNMS confirmed a superior classification accuracy of around 21% when compared to the existing systems with minimized False Positive rate of 19% compared to the benchmarked DDoS mitigation schemes of the literature.
Similar content being viewed by others
References
Bhushan K and Gupta B B 2018 Distributed denial of service (DDoS) attack mitigation in software defined network (SDN)-based cloud computing environment. Journal of Ambient Intelligence and Humanized Computing 1(1): 56–69
Braga R, Mota E and Passito A 2010 Lightweight DDoS flooding attack detection using NOX/OpenFlow. IEEE Local Computer Network Conference 1(1): 22–34
Yan Q, Yu F R, Gong Q and Li J 2016 Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: a survey, some research issues, and challenges. IEEE Communications Surveys & Tutorials 18(1): 602–622
Bannour F, Souihi S and Mellouk A 2018 Distributed SDN control: survey, taxonomy, and challenges. IEEE Communications Surveys & Tutorials 20(1): 333–354
Amin R, Reisslein M and Shah N 2018 Hybrid SDN networks: a survey of existing approaches. IEEE Communications Surveys & Tutorials 1(1): 1–21
Tamanna T, Fatema T and Saha R 2017 SDN, A research on SDN assets and tools to defense DDoS attack in cloud computing environment. 2017 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET) 1(2): 78–89
Aamir M and Zaidi M A 2013 A survey on DDoS attack and defense strategies: from traditional schemes to current techniques. Interdisciplinary Information Sciences 19(2): 173–200
Jonker M and Sperotto A 2015 Mitigating DDoS attacks using OpenFlow-based software defined networking. Intelligent Mechanisms for Network Configuration and Security 1(1): 129–133
Mariette J and Villa-Vialaneix N 2016 Aggregating self-organizing maps with topology preservation. Advances in Self-Organizing Maps and Learning Vector Quantization 1(2): 27–37
Cottrell M, Olteanu M, Rossi F and Villa-Vialaneix N 2016 Theoretical and applied aspects of the self-organizing maps. Advances in Self-Organizing Maps and Learning Vector Quantization 1(1): 3–26
Karnwal T, Thandapanii S and Gnanasekaran A 2013 A filter tree approach to protect cloud computing against XML DDoS and HTTP DDoS attack. Advances in Intelligent Systems and Computing 1(1): 459–469
Cotton M 2017 DDoS attacks: defending cloud environments. Advances in Intelligent Systems and Computing 1(1): 907–909
Wang B, Zheng Y, Lou W and Hou Y T 2015 DDoS attack protection in the era of cloud computing and software-defined networking. Computer Networks 81(1): 308–319
Khimabhai Y A and Rohokale V 2016 SDN control plane security in cloud computing against DDoS attack. In: Proceedings of the International Conference on Advances in Information Communication Technology & Computing - AICTC ‘16 1(1): 45–56
Mousavi S M and St-Hilaire M 2017 Early detection of DDoS attacks against software defined network controllers. Journal of Network and Systems Management 26(3): 573–591
Kilari N and Sridaran R 2017 A novel approach to protect cloud environments against DDOS attacks. Advances in Intelligent Systems and Computing 1(1): 515–523
Johnson Singh K and De T 2017 Mathematical modelling of DDoS attack and detection using correlation. Journal of Cyber Security Technology 1(3–4): 175–186
Dang-Van T and Truong-Thu H 2017 A multi-criteria based software defined networking system architecture for DDoS-attack mitigation. REV Journal on Electronics and Communications 1(1): 45–55
Pillutla H and Arjunan A 2019 Fuzzy self organizing maps-based DDoS mitigation mechanism for software defined networking in cloud computing. Journal of Ambient Intelligence and Humanized Computing 10(4): 1547–1559
Zhao C and Liu F 2018 DDoS attack detection based on self-organizing mapping network in software defined networking. MATEC Web of Conferences 176(1): 01026
Kohonen T 2001 Self-Organizing Maps. Springer Series in Information Sciences 1(1): 78–102
Horio K, Aikawa A and Yamakawa T 2014 Pattern Recognition based on relative position of local features using self-organizing map. First International Conference on Innovative Computing, Information and Control - Volume I (ICICIC’06) 1(2): 12–25
Mohebi E and Bagirov A 2014 A convolutional recursive modified Self Organizing Map for handwritten digits recognition. Neural Networks 60(1): 104–118
Deepali and Bhushan K 2017 DDoS attack mitigation and resource provisioning in cloud using fog computing. 2017 International Conference On Smart Technologies For Smart Nation (SmartTechCon) 1(1): 56–65
Challagidad P S and Birje M N 2017 Trust management in cloud computing. 2017 International Conference on Smart Technologies for Smart Nation (SmartTechCon) 1(1): 45–56
Xu Y and Liu Y 2016 DDoS attack detection under SDN context. IEEE INFOCOM 2016 - The 35th Annual IEEE International Conference on Computer Communications 1(1): 45–56
Wang W, Ke X and Wang L 2018 A HMM-R approach to detect L-DDoS attack adaptively on SDN controller. Future Internet 10(9): 83
Aamir M and Zaidi S M 2019 Clustering based semi-supervised machine learning for DDoS attack classification. Journal of King Saud University - Computer and Information Sciences 1(1): 56–67
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Harikrishna, P., Amuthan, A. SDN-based DDoS Attack Mitigation Scheme using Convolution Recursively Enhanced Self Organizing Maps. Sādhanā 45, 104 (2020). https://doi.org/10.1007/s12046-020-01353-x
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s12046-020-01353-x