PROACTIVE MITIGATION OF DDoS IoT-RELATED ATTACK USING MACHINE LEARNING AND SOFTWARE DEFINED NETWORKING TECHNIQUES
Keywords:
DDoS attacks, IoT devices, ML classification, SDN environment, RYU Controller, FTE rules of OpenFlow switches
Abstract
The number of Internet of Things (IoT) devices connected to the Internet has increased globally. The insecure nature of IoT devices has led attackers to capitalize on them to launch Distributed Denial of Service (DDoS) attacks on networks, thus causing massive destruction to network resources. The setting of the research work is an enterprise organization's wide area network (WAN) structured into a 3-LAN topology in a Software Defined Networking (SDN) environment. The WAN is emulated and includes a single RYU SDN controller, three routers, and three OpenFlow switches with three simulated IoT devices connected to each switch, forming the 3-LAN topology. Both normal and DDoS IoT-related attack traffic are generated every 5 seconds, over Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Internet Control Message Protocol (ICMP) and Hypertext Transfer Protocol (HTTP). The packet capture (pcap) files from Wireshark are exported as comma-separated values (csv) files. The datasets are preprocessed to extract relevant features using Python libraries. The large dataset was scaled down using Min Max Scaler before the Machine Learning (ML) classification stage. Four (4) ML algorithms, namely Support Vector Machine (SVM), Logistic Regression (LR), Decision Tree (DT) and Random Forest (RF), were used to build the classification models. SVM and LR each recorded the higher accuracy of 99.474 percent, while DT and RF each recorded 99.123 percent accuracy, in detecting the DDoS-IoT data traffic from the normal data. The flow table entries (FTE) rules of the OpenFlow switches together with the RYU controller..
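The preprocessing stage described in the abstract (Wireshark csv export, feature extraction, Min Max scaling), sketched as an added example that is not the authors' code. The abstract does not list its features, so the three used here (packets, mean packet length and distinct destinations per source per 5-second window) and the sample capture are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

WINDOW = 5.0  # seconds, matching the 5-second traffic interval in the abstract

# Constructed sample in Wireshark's default CSV export column layout.
SAMPLE_CSV = '''"No.","Time","Source","Destination","Protocol","Length","Info"
"1","0.10","10.0.1.2","10.0.2.2","TCP","74","SYN"
"2","1.20","10.0.1.2","10.0.2.2","HTTP","200","GET /"
"3","2.00","10.0.1.3","10.0.3.2","UDP","60","Len=18"
"4","2.01","10.0.1.3","10.0.3.2","UDP","60","Len=18"
"5","2.02","10.0.1.3","10.0.3.3","UDP","60","Len=18"
"6","2.03","10.0.1.3","10.0.3.4","UDP","60","Len=18"
"7","6.50","10.0.1.2","10.0.2.2","ICMP","98","Echo request"
'''

def window_features(csv_text, window=WINDOW):
    """Aggregate packets into one numeric row per (source, time window)."""
    acc = defaultdict(lambda: {"pkts": 0, "bytes": 0, "dsts": set()})
    for row in csv.DictReader(io.StringIO(csv_text)):
        # "Time" is seconds since the start of the capture.
        key = (row["Source"], int(float(row["Time"]) // window))
        acc[key]["pkts"] += 1
        acc[key]["bytes"] += int(row["Length"])
        acc[key]["dsts"].add(row["Destination"])
    keys = sorted(acc)
    # Assumed features: packet count, mean packet length, distinct destinations.
    rows = [[acc[k]["pkts"], acc[k]["bytes"] / acc[k]["pkts"], len(acc[k]["dsts"])]
            for k in keys]
    return keys, rows

def min_max_scale(rows):
    """Column-wise (x - min) / (max - min); a constant column maps to 0.0."""
    cols = list(zip(*rows))
    lo = [min(c) for c in cols]
    span = [max(c) - min(c) for c in cols]
    return [[(v - l) / s if s else 0.0 for v, l, s in zip(r, lo, span)]
            for r in rows]

if __name__ == "__main__":
    keys, rows = window_features(SAMPLE_CSV)
    for key, raw, scaled in zip(keys, rows, min_max_scale(rows)):
        print(key, raw, [round(x, 3) for x in scaled])
```

In a real pipeline the scaling minimum and maximum are taken from the training split only and reused on test and live traffic, so that the reported accuracy is not inflated by information from the test data.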
License

This work is licensed under a Creative Commons Attribution 4.0 International License.
This is an open-access journal which means that all content is freely available without charge to the user or his/her institution. Users are allowed to read, download, copy, distribute, print, search, or link to the full texts of the articles, or use them for any other lawful purpose, without asking prior permission from the publisher or the author.
The Authors own the copyright of the articles.