• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

基于特征工程和机器学习的软件定义网络中的 DDoS 检测方法。

A DDoS Detection Method Based on Feature Engineering and Machine Learning in Software-Defined Networks.

机构信息

School of Electronic Information Engineering, Hebei University, Baoding 071002, China.

Information Technology Center, Hebei University, Baoding 071002, China.

出版信息

Sensors (Basel). 2023 Jul 5;23(13):6176. doi: 10.3390/s23136176.

DOI:10.3390/s23136176
PMID:37448025
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC10346601/
Abstract

Distributed denial-of-service (DDoS) attacks pose a significant cybersecurity threat to software-defined networks (SDNs). This paper proposes a feature-engineering- and machine-learning-based approach to detect DDoS attacks in SDNs. First, the CSE-CIC-IDS2018 dataset was cleaned and normalized, and the optimal feature subset was found using an improved binary grey wolf optimization algorithm. Next, the optimal feature subset was trained and tested in Random Forest (RF), Support Vector Machine (SVM), K-Nearest Neighbor (k-NN), Decision Tree, and XGBoost machine learning algorithms, from which the best classifier was selected for DDoS attack detection and deployed in the SDN controller. The results show that RF performs best when compared across several performance metrics (e.g., accuracy, precision, recall, F1 and AUC values). We also explore the comparison between different models and algorithms. The results show that our proposed method performed the best and can effectively detect and identify DDoS attacks in SDNs, providing a new idea and solution for the security of SDNs.

摘要

分布式拒绝服务 (DDoS) 攻击对软件定义网络 (SDN) 构成了重大的网络安全威胁。本文提出了一种基于特征工程和机器学习的方法,用于检测 SDN 中的 DDoS 攻击。首先,清理和规范化了 CSE-CIC-IDS2018 数据集,并使用改进的二进制灰狼优化算法找到了最优特征子集。接下来,在随机森林 (RF)、支持向量机 (SVM)、K-最近邻 (k-NN)、决策树和 XGBoost 机器学习算法中对最优特征子集进行训练和测试,从中选择最佳分类器用于 DDoS 攻击检测,并将其部署在 SDN 控制器中。结果表明,在比较多个性能指标(例如准确率、精度、召回率、F1 和 AUC 值)时,RF 的表现最佳。我们还探索了不同模型和算法之间的比较。结果表明,我们提出的方法表现最佳,可以有效地检测和识别 SDN 中的 DDoS 攻击,为 SDN 的安全性提供了新的思路和解决方案。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/c5c1f67c10d6/sensors-23-06176-g017.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/fb1c7053d0a2/sensors-23-06176-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/5189d7d55e17/sensors-23-06176-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/f68b329da872/sensors-23-06176-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/28c5f656b2dd/sensors-23-06176-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/2b672088f55b/sensors-23-06176-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/7e689bbd1a4c/sensors-23-06176-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/70eb715b79dd/sensors-23-06176-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/f1b7bf9ec1d3/sensors-23-06176-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/5e414b00b5bd/sensors-23-06176-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/dbbcd3b036de/sensors-23-06176-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/f0e3ce328927/sensors-23-06176-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/cb426e58b86c/sensors-23-06176-g012.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/265c7374580b/sensors-23-06176-g013.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/cfe4305c2b73/sensors-23-06176-g014.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/72861c989973/sensors-23-06176-g015.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/ffe7cdcb420e/sensors-23-06176-g016.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/c5c1f67c10d6/sensors-23-06176-g017.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/fb1c7053d0a2/sensors-23-06176-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/5189d7d55e17/sensors-23-06176-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/f68b329da872/sensors-23-06176-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/28c5f656b2dd/sensors-23-06176-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/2b672088f55b/sensors-23-06176-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/7e689bbd1a4c/sensors-23-06176-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/70eb715b79dd/sensors-23-06176-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/f1b7bf9ec1d3/sensors-23-06176-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/5e414b00b5bd/sensors-23-06176-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/dbbcd3b036de/sensors-23-06176-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/f0e3ce328927/sensors-23-06176-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/cb426e58b86c/sensors-23-06176-g012.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/265c7374580b/sensors-23-06176-g013.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/cfe4305c2b73/sensors-23-06176-g014.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/72861c989973/sensors-23-06176-g015.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/ffe7cdcb420e/sensors-23-06176-g016.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/b916/10346601/c5c1f67c10d6/sensors-23-06176-g017.jpg

相似文献

1
A DDoS Detection Method Based on Feature Engineering and Machine Learning in Software-Defined Networks.基于特征工程和机器学习的软件定义网络中的 DDoS 检测方法。
Sensors (Basel). 2023 Jul 5;23(13):6176. doi: 10.3390/s23136176.
2
Adaptive Machine Learning Based Distributed Denial-of-Services Attacks Detection and Mitigation System for SDN-Enabled IoT.基于自适应机器学习的支持软件定义网络的物联网分布式拒绝服务攻击检测与缓解系统
Sensors (Basel). 2022 Mar 31;22(7):2697. doi: 10.3390/s22072697.
3
Software-Defined-Networking-Based One-versus-Rest Strategy for Detecting and Mitigating Distributed Denial-of-Service Attacks in Smart Home Internet of Things Devices.基于软件定义网络的一对多策略,用于检测和缓解智能家居物联网设备中的分布式拒绝服务攻击
Sensors (Basel). 2024 Aug 3;24(15):5022. doi: 10.3390/s24155022.
4
An entropy and machine learning based approach for DDoS attacks detection in software defined networks.一种基于熵和机器学习的软件定义网络中分布式拒绝服务攻击检测方法。
Sci Rep. 2024 Aug 6;14(1):18159. doi: 10.1038/s41598-024-67984-w.
5
Multi-Stage Learning Framework Using Convolutional Neural Network and Decision Tree-Based Classification for Detection of DDoS Pandemic Attacks in SDN-Based SCADA Systems.基于卷积神经网络和决策树分类的多阶段学习框架,用于检测基于软件定义网络的监控与数据采集系统中的分布式拒绝服务大规模攻击。
Sensors (Basel). 2024 Feb 5;24(3):1040. doi: 10.3390/s24031040.
6
ML-Based Detection of DDoS Attacks Using Evolutionary Algorithms Optimization.基于机器学习并采用进化算法优化的分布式拒绝服务攻击检测
Sensors (Basel). 2024 Mar 5;24(5):1672. doi: 10.3390/s24051672.
7
Ensemble Learning Framework for DDoS Detection in SDN-Based SCADA Systems.基于软件定义网络(SDN)的监控与数据采集(SCADA)系统中分布式拒绝服务(DDoS)检测的集成学习框架
Sensors (Basel). 2023 Dec 27;24(1):155. doi: 10.3390/s24010155.
8
HLD-DDoSDN: High and low-rates dataset-based DDoS attacks against SDN.HLD-DDoSDN:基于高低速率数据集的针对 SDN 的 DDoS 攻击。
PLoS One. 2024 Feb 8;19(2):e0297548. doi: 10.1371/journal.pone.0297548. eCollection 2024.
9
DDosTC: A Transformer-Based Network Attack Detection Hybrid Mechanism in SDN.DDosTC:SDN 中的基于 Transformer 的网络攻击检测混合机制。
Sensors (Basel). 2021 Jul 26;21(15):5047. doi: 10.3390/s21155047.
10
A Systematic Literature Review on Machine Learning and Deep Learning Approaches for Detecting DDoS Attacks in Software-Defined Networking.软件定义网络中基于机器学习和深度学习的 DDoS 攻击检测方法的系统文献综述
Sensors (Basel). 2023 May 1;23(9):4441. doi: 10.3390/s23094441.

引用本文的文献

1
Metaparameter optimized hybrid deep learning model for next generation cybersecurity in software defined networking environment.用于软件定义网络环境中下一代网络安全的元参数优化混合深度学习模型
Sci Rep. 2025 Apr 23;15(1):14166. doi: 10.1038/s41598-025-96153-w.
2
Effective DDoS attack detection in software-defined vehicular networks using statistical flow analysis and machine learning.使用统计流分析和机器学习在软件定义的车载网络中进行有效的分布式拒绝服务攻击检测
PLoS One. 2024 Dec 18;19(12):e0314695. doi: 10.1371/journal.pone.0314695. eCollection 2024.
3
Software-Defined-Networking-Based One-versus-Rest Strategy for Detecting and Mitigating Distributed Denial-of-Service Attacks in Smart Home Internet of Things Devices.

本文引用的文献

1
Entropy and Confidence-Based Undersampling Boosting Random Forests for Imbalanced Problems.基于熵和置信度的欠采样提升随机森林解决不平衡问题
IEEE Trans Neural Netw Learn Syst. 2020 Dec;31(12):5178-5191. doi: 10.1109/TNNLS.2020.2964585. Epub 2020 Nov 30.
基于软件定义网络的一对多策略,用于检测和缓解智能家居物联网设备中的分布式拒绝服务攻击
Sensors (Basel). 2024 Aug 3;24(15):5022. doi: 10.3390/s24155022.
4
Traffic Feature Selection and Distributed Denial of Service Attack Detection in Software-Defined Networks Based on Machine Learning.基于机器学习的软件定义网络中的流量特征选择与分布式拒绝服务攻击检测
Sensors (Basel). 2024 Jul 4;24(13):4344. doi: 10.3390/s24134344.