Babbar Himanshi, Rani Shalli, Driss Maha
Chitkara University Institute of Engineering and Technology, Chitkara University, Punjab, Rajpura, India.
RIOTU Lab, CCIS, Prince Sultan University, Riyadh, Saudi Arabia.
PLoS One. 2024 Dec 18;19(12):e0314695. doi: 10.1371/journal.pone.0314695. eCollection 2024.
Vehicular Networks (VN) utilizing Software Defined Networking (SDN) have garnered significant attention recently, paralleling the advancements in wireless networks. VN are deployed to optimize traffic flow, enhance the driving experience, and ensure road safety. However, VN are vulnerable to Distributed Denial of Service (DDoS) attacks, posing severe threats in the contemporary Internet landscape. With the surge in Internet traffic, this study proposes novel methodologies for effectively detecting DDoS attacks within Software-Defined Vehicular Networks (SDVN), wherein attackers commandeer compromised nodes to monopolize network resources, disrupting communication among vehicles and between vehicles and infrastructure. The proposed methodology aims to: (i) analyze statistical flow and compute entropy, and (ii) implement Machine Learning (ML) algorithms within SDN Intrusion Detection Systems for Internet of Things (IoT) environments. Additionally, the approach distinguishes between reconnaissance, Denial of Service (DoS), and DDoS traffic by addressing the challenges of imbalanced and overfitting dataset traces. One of the significant challenges in this integration is managing the computational load and ensuring real-time performance. The ML models, especially complex ones like Random Forest, require substantial processing power, which necessitates efficient data handling and possibly leveraging edge computing resources to reduce latency. Ensuring scalability and maintaining high detection accuracy as network traffic grows and evolves is another critical challenge. By leveraging a minimal subset of features from a given dataset, a comparative study is conducted to determine the optimal sample size for maximizing model accuracy. Further, the study evaluates the impact of various dataset attributes on performance thresholds. The K-nearest Neighbor, Random Forest, and Logistic Regression supervised ML classifiers are assessed using the BoT-IoT dataset. The results indicate that the Random Forest classifier achieves superior performance metrics, with Precision, F1-score, Accuracy, and Recall rates of 92%, 92%, 91%, and 90%, respectively, over five iterations.
利用软件定义网络(SDN)的车载网络(VN)最近受到了广泛关注,这与无线网络的发展同步。部署VN是为了优化交通流量、提升驾驶体验并确保道路安全。然而,VN容易受到分布式拒绝服务(DDoS)攻击,在当代互联网环境中构成严重威胁。随着互联网流量的激增,本研究提出了新颖的方法,用于在软件定义车载网络(SDVN)中有效检测DDoS攻击,在这种网络中,攻击者控制被攻陷的节点以垄断网络资源,扰乱车辆之间以及车辆与基础设施之间的通信。所提出的方法旨在:(i)分析统计流并计算熵,以及(ii)在物联网(IoT)环境的SDN入侵检测系统中实现机器学习(ML)算法。此外,该方法通过应对数据集痕迹不平衡和过拟合的挑战,区分侦察、拒绝服务(DoS)和DDoS流量。这种集成中的一个重大挑战是管理计算负载并确保实时性能。ML模型,尤其是像随机森林这样的复杂模型,需要大量处理能力,这就需要高效的数据处理,并可能利用边缘计算资源来减少延迟。随着网络流量的增长和演变,确保可扩展性并保持高检测准确率是另一个关键挑战。通过利用给定数据集中的最小特征子集,进行了一项比较研究,以确定最大化模型准确率的最佳样本大小。此外,该研究评估了各种数据集属性对性能阈值的影响。使用BoT - IoT数据集评估了K近邻、随机森林和逻辑回归监督ML分类器。结果表明,随机森林分类器在五次迭代中分别实现了92%、92%、91%和90%的精确率、F1分数、准确率和召回率,性能指标优越。
