Please use this identifier to cite or link to this item: http://hdl.handle.net/10603/510509
Title: Identification of attacks on Software defined network Using machine learning approach
Researcher: Ahuja, Nisha
Guide(s): Badal, Tapas
Keywords: Computer Science
Computer Science Software Engineering
Engineering and Technology
University: Bennett University
Completed Date: 2022
Abstract: SDN is a communication technology defined by a software program that manages network newlinetraffic routing and configuration. In contrast, the current network architecture controls traffic newlineby configuring the various network elements remotely. The SDN architecture is centralized in newlinenature such that data plane and control plane within a networking device are segregated. The newlinecontrol plane can be thought of as the mind of the network whereas the data plane is adhering to newlinethe controller s decisions. Examples of SDN controllers include FloodLight, Ryu, Pox, Open- newlineDayLight, Nox, etc. which are open source and incorporate a set of APIs for building network newlineapplications. newlineMany researchers have worked on the detection of attacks and the categorizing of network newlinetraffic into benign and malicious categories. Existing DDOS attack detection research newlineis based on threshold-based detection on the count of incomplete connections made, the number newlineof queries made per user, traffic rate, and the total time of flow duration. Other techniques newlineinclude computing the feature tensors for the construction of benign and malicious vectors and newlinecomparing these vectors to a threshold parameter for attack detection. Other techniques include newlinethe use of a Markov model on a network graph, a tensor-based technique for calculating the newlineentropy of TCP layer attributes, randomness in different traffic features (such as Destination IP newlineaddress, Source IP address, Protocol type, TCP flags, Destination Port, Source Port, and Packet newlinesize) and Machine learning (ML) based approaches. The techniques discussed above detect attacks newlineby comparing a specific value as in threshold-based approach, which is impractical in a newlinelarge network. Some of them trained the deep learning model on a traditional dataset which newlineare not created in SDN environment. The detection method employed is computationally timeconsuming, newlineand the experimental setup is not adequately described. newline
URI: http://hdl.handle.net/10603/510509
Appears in Departments:School of Computer Science Engineering and Technology

Files in This Item:
File Description SizeFormat 
01_title.pdfAttached File128.35 kBAdobe PDFView/Open
02_prelim pages.pdf101.96 kBAdobe PDFView/Open
03_contents.pdf90.46 kBAdobe PDFView/Open
04_abstract.pdf94.19 kBAdobe PDFView/Open
05_chapter 1.pdf157.8 kBAdobe PDFView/Open
06_chapter 2.pdf358.91 kBAdobe PDFView/Open
07_chapter 3.pdf705.07 kBAdobe PDFView/Open
08_chapter 4.pdf547.88 kBAdobe PDFView/Open
09_chapter 5.pdf1.29 MBAdobe PDFView/Open
10_chapter 6.pdf129.53 kBAdobe PDFView/Open
11_annexures.pdf182.75 kBAdobe PDFView/Open
80_recommendation.pdf169.58 kBAdobe PDFView/Open
Show full item record


Items in Shodhganga are licensed under Creative Commons Licence Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0).

Altmetric Badge: