ML-based ICMP DDoS Attack Detection and Mitigation in Cloud Computing Environment using Software Defined Network
Ayesha Sabir, University of Engineering and Technology, Taxila, Pakistan.
Farrukh Zeeshan Khan, University of Engineering and Technology, Taxila, Pakistan.
Hussain Ali, University of Engineering and Technology, Taxila, Pakistan.
Corresponding Author:
Ayesha Sabir (Ayeshasabir690@gmail.com)
Abstract:
Software Defined Networking (SDN) has recently emerged as a technology of significant interest to both industry and academia. SDN is a novel approach to network programmability that allows network behavior to be dynamically initiated, controlled, altered, and managed through open interfaces. Detecting and responding to DDoS attacks on large networks like the Internet demands efficient techniques deployed at both the network perimeter and core. This study introduces methods for DDoS detection using entropy computation and frequency-based sorting of packet attributes. ICMP attacks exploit protocol vulnerabilities to disrupt network communication by flooding networks with packets, causing congestion and potential denial of service. They can also serve as reconnaissance tools for attackers to gather information on network topology and vulnerabilities. Machine learning detects ICMP DDoS attacks by analyzing traffic patterns. Supervised learning identifies anomalies in labeled datasets, while unsupervised methods excel at detecting unusual ICMP packet behaviors without labels. These techniques proactively detect and mitigate attacks, bolstering network security. By incorporating machine learning algorithms such as the Random Forest Classifier and Artificial Neural Network (ANN) into the SDN architecture, aberrant ICMP traffic patterns suggestive of DDoS attacks may be detected in real time. The efficacy of the suggested technique is tested in simulated settings under various network circumstances, and is approximately 98.01% and 99.202% for the Random Forest Classifier and Artificial Neural Network (ANN) algorithms, respectively. The findings highlight the potential of ML-based strategies in protecting cloud computing environments against DDoS attacks, opening the door for more robust and secure networks in the future.
Keywords:
Software Defined Networking (SDN); Machine Learning; Distributed Denial of Service (DDoS); ICMP.
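
The abstract names entropy computation and frequency-based sorting of packet attributes as detection methods. The sketch below is an added example, not code from the paper: it computes windowed destination-address entropy over ICMP packets and ranks senders by frequency when a window is flagged. The tuple format, the choice of destination address as the attribute, the window size and the threshold are all assumptions, and the sample packets are constructed.

```python
import math
from collections import Counter

WINDOW = 8        # packets per window (assumed value)
THRESHOLD = 0.5   # normalized entropy below this is flagged (assumed value)

def normalized_entropy(values):
    """Shannon entropy of the value distribution, scaled to [0, 1]."""
    counts = Counter(values)
    n = len(values)
    if n < 2:
        return 0.0
    h = -sum((c / n) * math.log2(c / n) for c in counts.values())
    return h / math.log2(n)  # log2(n) is the maximum: every value distinct

def analyse(packets, window=WINDOW, threshold=THRESHOLD):
    """Return one report per full window of (src, dst, icmp_type) tuples."""
    reports = []
    for start in range(0, len(packets) - window + 1, window):
        chunk = packets[start:start + window]
        dst_entropy = normalized_entropy([dst for _, dst, _ in chunk])
        report = {"start": start, "dst_entropy": round(dst_entropy, 3),
                  "suspect": False}
        if dst_entropy < threshold:
            # Traffic has concentrated on few destinations. Frequency-based
            # sorting: find the most-hit destination, then rank its senders.
            victim, _ = Counter(dst for _, dst, _ in chunk).most_common(1)[0]
            senders = Counter(src for src, dst, _ in chunk if dst == victim)
            report.update(suspect=True, victim=victim,
                          top_sources=senders.most_common(3))
        reports.append(report)
    return reports

# Constructed sample: ICMP echo requests (type 8) as (src, dst, icmp_type).
# First window: eight hosts pinging four destinations evenly.
BENIGN = [(f"10.0.0.{10 + i}", f"10.0.0.{1 + i % 4}", 8) for i in range(8)]
# Second window: two senders concentrating on a single destination.
ATTACK = ([("10.0.0.9", "10.0.0.5", 8)] * 4
          + [("10.0.0.8", "10.0.0.5", 8)] * 3
          + [("10.0.0.7", "10.0.0.2", 8)])
SAMPLE = BENIGN + ATTACK

if __name__ == "__main__":
    for r in analyse(SAMPLE):
        print(r)
```

In an SDN deployment the flagged `victim` and `top_sources` would be the inputs to a controller-side mitigation rule or to a classifier's feature vector; that wiring is outside this sketch.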