Deanship of Graduate Studies | Researches | DISTRIBUTED DENIAL OF SERVICE ATTACK MITIGATION USING MACHINE LEARNING IN SOFTEWARE DEFINED NETWORKS

Main Page
Deanship
- The Dean
  - Dean's Word
  - Curriculum Vitae
  - Contact the Dean
- Vision and Mission
- Organizational Structure
- Vice- Deanship
- Vice- Dean
- KAU Graduate Studies
Research Services & Courses
- Research Services Unit
- Important Research for Society
- Deanship's Services
  - FAQs
  - Research
  - Staff Directory
  - Files
  - Favorite Websites
  - Deanship Access Map
Graduate Studies Awards
Deanship's Staff
- Staff Directory
Files
Researches
Contact us

- عربي
- English

Deanship of Graduate Studies

Document Details

Document Type	:	Thesis
Document Title	:	DISTRIBUTED DENIAL OF SERVICE ATTACK MITIGATION USING MACHINE LEARNING IN SOFTEWARE DEFINED NETWORKS الحد من هجمات حجب الخدمه الموزعه في الشبكات المعرفه برمجيا باستخدام تعليم الاله
Subject	:	Faculty of Computing and Information Technology
Document Language	:	Arabic
Abstract	:	Software-defined networks (SDN) are susceptible to several security threats. For example, distributed denial of service (DDoS) can have devastating consequences in terms of SDN availability. Thus, developing an intelligent DDoS defense solution is a significant research problem. Existing approaches based on traditional detection methods are highly complex and provide low accuracy and poor solution generalization. In addition, SDNs can generate large-scale data; thus, traditional approaches fail to provide flexible solutions. To address these problems and improve attack detection accuracy, this thesis proposes a DDoS detection and mitigation system for SDNs that is based on a deep ensemble learning model. The proposed system design went through two phases. In the first phase, four ensemble models are presented by adopting three ensemble techniques and different DL architectures, namely convolutional neural network, long short-term memory, and gated recurrent unit, to improve the SDN traffic classification. The second phase is the proposed system design, which comprises three modules, i.e., detection, mitigation, and monitoring. The detection module adopts the voting ensemble technique and convolutional neural networks (CNN) which were selected from phase one. The proposed deep ensemble learning model was evaluated on flow-based public datasets called CICDDoS2019 and CICIDS2017 and real SDN traffic data. In addition, we evaluated the proposed system in an SDN simulation in real-time. We compared the proposed approach to other state-of-the-art approaches from the network security literature. Experimental results demonstrate that the proposed ensemble model can identify DDoS attacks with high accuracy and a low rate of false alarms. Based on our findings, we conclude that the proposed system has significant potential to build defense solutions for DDoS attack in SDN environments.
Supervisor	:	Prof. Kamal Jambi
Thesis Type	:	Master Thesis
Publishing Year	:	1444 AH 2022 AD
Added Date	:	Tuesday, February 28, 2023

Researchers

Researcher Name (Arabic)	Researcher Name (English)	Researcher Type	Dr Grade	Email
فاطمة رطيان العنزي	Alanazi, Fatmah Rtian	Researcher	Master

Files

File Name	Type	Description
49074.pdf	pdf

Back To Researches Page