Title
Nova metoda detekcije DDoS napada primenom softverski definisanih mreža
Creator
Čabarkapa, Danijel, 1969-
CONOR:
83689737
Copyright date
2023
Object Links
Select license
Autorstvo-Nekomercijalno-Bez prerade 3.0 Srbija (CC BY-NC-ND 3.0)
License description
Dozvoljavate samo preuzimanje i distribuciju dela, ako/dok se pravilno naznačava ime autora, bez ikakvih promena dela i bez prava komercijalnog korišćenja dela. Ova licenca je najstroža CC licenca. Osnovni opis Licence: http://creativecommons.org/licenses/by-nc-nd/3.0/rs/deed.sr_LATN. Sadržaj ugovora u celini: http://creativecommons.org/licenses/by-nc-nd/3.0/rs/legalcode.sr-Latn
Language
Serbian
Cobiss-ID
Theses Type
Doktorska disertacija
description
Datum odbrane: 30.10.2023.
Other responsibilities
Academic Expertise
Tehničko-tehnološke nauke
University
Univerzitet u Nišu
Faculty
Elektronski fakultet
Group
Katedra za računarstvo
Alternative title
A new method of detecting DDoS attacks using software-defined networks
Publisher
[D. D. Čabarkapa]
Format
131 list
description
Biografija autora: list 128.
Bibliografija: list. 117-127.
description
Computer networks security
Abstract (en)
This dissertation is the result of a detailed research of detection and identification of DDoS attacks by denying network services. The scientific justification of the research is based on the fact that this important type of attack is increasingly carried out within software-defined networks, which represent a completely new and increasingly important paradigm of network management.
A new method for the detection of anomalies and DDoS attacks is proposed and analyzed, which applies a combined approach that includes the entropy calculation of network attributes and the application of supervised machine learning algorithms. Entropy calculation as a high-level metric was applied on the edge OpenFlow network switch to realize fast attack detection, while supervised machine learning algorithms were executed on the controller, which achieved more accurate detection, reduced the number of false alarms and performed effective classification of network traffic.
The detailed experimental analysis performed for the simulation topology of the software-defined network, obtained results that show that the proposed DDoS attack detection method achieves a high degree of efficiency and classification accuracy. Also, the proposed solution has the characteristic of generality, so it has the ability to detect different flooding attacks.
Authors Key words
detekcija napada, entropija, napad odbijanjem servisa, softverski definisane mreže, nadgledano mašinsko učenje, bezbednost mreža
Authors Key words
intrusion detection, entropy, distributed denial of service, software defined networks, supervised machine learning, network security
Classification
004.7.056.5:004.722(043.3)
Subject
Т120
Type
Tekst
Abstract (en)
This dissertation is the result of a detailed research of detection and identification of DDoS attacks by denying network services. The scientific justification of the research is based on the fact that this important type of attack is increasingly carried out within software-defined networks, which represent a completely new and increasingly important paradigm of network management.
A new method for the detection of anomalies and DDoS attacks is proposed and analyzed, which applies a combined approach that includes the entropy calculation of network attributes and the application of supervised machine learning algorithms. Entropy calculation as a high-level metric was applied on the edge OpenFlow network switch to realize fast attack detection, while supervised machine learning algorithms were executed on the controller, which achieved more accurate detection, reduced the number of false alarms and performed effective classification of network traffic.
The detailed experimental analysis performed for the simulation topology of the software-defined network, obtained results that show that the proposed DDoS attack detection method achieves a high degree of efficiency and classification accuracy. Also, the proposed solution has the characteristic of generality, so it has the ability to detect different flooding attacks.
“Data exchange” service offers individual users metadata transfer in several different formats. Citation formats are offered for transfers in texts as for the transfer into internet pages. Citation formats include permanent links that guarantee access to cited sources. For use are commonly structured metadata schemes : Dublin Core xml and ETUB-MS xml, local adaptation of international ETD-MS scheme intended for use in academic documents.