Please use this identifier to cite or link to this item: http://repositorio.ufla.br/jspui/handle/1/56942
Title: Detecção de ataques de DDoS ao plano de controle de sdn utilizando aprendizado de máquina
Other Titles: Detection of DDoS attacks on sdn control plane using machine learning
Authors: Correia, Luiz Henrique Andrade
Correia, Luiz Henrique Andrade
Rosa, Renata Lopes
Malheiros, Neumar Costa
Silva, Fabricio Aguiar
Keywords: SDN
Segurança da informação
Controlador
DDoS
Aprendizado de máquina
Software Defined Networking (SDN)
Information security
Controller
Distributed Denial of Service (DDoS)
Machine learning
Issue Date: 5-Jun-2023
Publisher: Universidade Federal de Lavras
Citation: OLIVEIRA, R. V. Detecção de ataques de DDoS ao plano de controle de SDN utilizando aprendizado de máquina. 2023. 59 p. Dissertação (Mestrado em Ciência da Computação)–Universidade Federal de Lavras, Lavras, 2022.
Abstract: The Software Defined Networking (SDN) paradigm is considered promising for the innovation of computer networking technologies. The SDN architecture separates the data plane from the control plane, where the controller has an overall view of the network. Network security is a subject under constant discussion, as new forms of attacks with different objectives appear daily. SDN is no different, many Distributed Denial of Service (DDoS) attacks are performed against the SDN control plane, therefore, protection measures must be developed to detect malicious activities on the network. While SDN networks provide strong control over traffic, they also offer new problems and challenges as, for example, a DDoS attack against a controller has the potential to let the entire network inoperable. In order to identify malicious traffic in SDN, in this work, the input flows were analyzed and classified to detect DDoS attacks through machine learning techniques. In order to identify crucial characteristics in the monitoring of a SDN, datasets were created from the capture of legitimate and malicious traffic (DDoS) in SDN. These datasets were used in the construction of machine learning models which, in turn, were used to classify flows as legitimate or malicious. The traffic classification experiments were divided into two scenarios, one with variable traffic during the experiment time and another with unchanging traffic for each iteration. The results showed that the Naïve Bayes algorithm was more assertive in identifying attacks than the other algorithms (Gradient Boosting, Decision Tree and Support Vector Machine). To evaluate the results, the metrics accuracy, precision, recall and F-score were used.
URI: http://repositorio.ufla.br/jspui/handle/1/56942
Appears in Collections:Ciência da Computação - Mestrado (Dissertações)



This item is licensed under a Creative Commons License Creative Commons