A Deep Ensemble Framework for DDoS Attack Recognition and Mitigation in Cloud SDN Environment

Abstract

Much research has been done in the recent past on the absolute shift of Internet infrastructure in order to make it more significantly programmable, configurable and make it more conveniently feasible. Software Defined Networking (SDN) forms the basis for this absolute shift in Internet infrastructure. When you look at the benefits of an SDN-based cloud environment they are monumental. Namely, network traffic control and elastic resource management. The SDN-based cloud environment becomes susceptible to cyber threats, especially like that of Distributed Denial of Service (DDoS) attacks and other cyber-attacks that perturb the SDN-based cloud environment. Hence, automated Machine Learning (ML) models are an efficient way to protect against these cyber-attacks. This research will develop a deep learning-based ensemble model for DDoS attack detection and classification (DLEM-DDoS) in a cloud environment. Long Short-Term Memory (LSTM), 1-D Convolutional Neural Networks (1D-CNN) and Gated Recurrent Unit (GRU) are the three DL models integrated into an ensemble model that classifies the incoming packet by majority voting classifiers. Network traffic data including source and destination IP addresses, packet and byte counts, packet and byte rates, flow duration, protocol types and port numbers are fed into the DLEM-DDoS model. This model preprocesses this data by converting categorical values (like protocol types) into numerical values and removing any missing values. Once collected and preprocessed, the data is fed into deep learning models (LSTM, 1D-CNN, GRU) within the framework for analysis. Finally, in this research using the DLEM-DDoS technique an efficient DDoS attack mitigation scheme in an SDN-based cloud environment is demonstrated. The report shows comprehensive stimulations as well as a superiority into the current approaches in terms of several measures