Preferred Language
Articles
/
Nxazs4sBVTCNdQwCZdeM
Performance Evaluation of SDN DDoS Attack Detection and Mitigation Based Random Forest and K-Nearest Neighbors Machine Learning Algorithms
...Show More Authors

Software-defined networks (SDN) have a centralized control architecture that makes them a tempting target for cyber attackers. One of the major threats is distributed denial of service (DDoS) attacks. It aims to exhaust network resources to make its services unavailable to legitimate users. DDoS attack detection based on machine learning algorithms is considered one of the most used techniques in SDN security. In this paper, four machine learning techniques (Random Forest, K-nearest neighbors, Naive Bayes, and Logistic Regression) have been tested to detect DDoS attacks. Also, a mitigation technique has been used to eliminate the attack effect on SDN. RF and KNN were selected because of their high accuracy results. Three types of network topology have been generated to observe the effectiveness of proposed algorithms on different network architectures. The results reveal that RF performs better than KNN in a single topology, and both have close performance in other topologies.

Scopus Crossref
View Publication
Publication Date
Thu Mar 02 2023
Journal Name
Applied Sciences
Machine Learning Techniques to Detect a DDoS Attack in SDN: A Systematic Review
...Show More Authors

The recent advancements in security approaches have significantly increased the ability to identify and mitigate any type of threat or attack in any network infrastructure, such as a software-defined network (SDN), and protect the internet security architecture against a variety of threats or attacks. Machine learning (ML) and deep learning (DL) are among the most popular techniques for preventing distributed denial-of-service (DDoS) attacks on any kind of network. The objective of this systematic review is to identify, evaluate, and discuss new efforts on ML/DL-based DDoS attack detection strategies in SDN networks. To reach our objective, we conducted a systematic review in which we looked for publications that used ML/DL approach

... Show More
View Publication Preview PDF
Scopus (118)
Crossref (111)
Scopus Clarivate Crossref
Publication Date
Sat Aug 06 2022
Journal Name
Ijci. International Journal Of Computers And Information
Techniques for DDoS Attack in SDN: A Comparative Study
...Show More Authors

Abstract Software-Defined Networking (commonly referred to as SDN) is a newer paradigm that develops the concept of a software-driven network by separating data and control planes. It can handle the traditional network problems. However, this excellent architecture is subjected to various security threats. One of these issues is the distributed denial of service (DDoS) attack, which is difficult to contain in this kind of software-based network. Several security solutions have been proposed recently to secure SDN against DDoS attacks. This paper aims to analyze and discuss machine learning-based systems for SDN security networks from DDoS attack. The results have indicated that the algorithms for machine learning can be used to detect DDoS

... Show More
View Publication
Crossref (1)
Crossref
Publication Date
Fri Feb 01 2019
Journal Name
Iraqi Journal Of Information & Communications Technology
Evaluation of DDoS attacks Detection in a New Intrusion Dataset Based on Classification Algorithms
...Show More Authors

Intrusion detection system is an imperative role in increasing security and decreasing the harm of the computer security system and information system when using of network. It observes different events in a network or system to decide occurring an intrusion or not and it is used to make strategic decision, security purposes and analyzing directions. This paper describes host based intrusion detection system architecture for DDoS attack, which intelligently detects the intrusion periodically and dynamically by evaluating the intruder group respective to the present node with its neighbors. We analyze a dependable dataset named CICIDS 2017 that contains benign and DDoS attack network flows, which meets certifiable criteria and is ope

... Show More
View Publication Preview PDF
Crossref (22)
Crossref
Publication Date
Sat May 24 2025
Journal Name
Iraqi Journal For Computer Science And Mathematics
Intrusion Detection System for IoT Based on Modified Random Forest Algorithm
...Show More Authors

An intrusion detection system (IDS) is key to having a comprehensive cybersecurity solution against any attack, and artificial intelligence techniques have been combined with all the features of the IoT to improve security. In response to this, in this research, an IDS technique driven by a modified random forest algorithm has been formulated to improve the system for IoT. To this end, the target is made as one-hot encoding, bootstrapping with less redundancy, adding a hybrid features selection method into the random forest algorithm, and modifying the ranking stage in the random forest algorithm. Furthermore, three datasets have been used in this research, IoTID20, UNSW-NB15, and IoT-23. The results are compared with the three datasets men

... Show More
View Publication Preview PDF
Scopus Crossref
Publication Date
Wed Sep 07 2022
Journal Name
2022 Iraqi International Conference On Communication And Information Technologies (iiccit)
Construct an Efficient DDoS Attack Detection System Based on RF-C4.5-GridSearchCV
...Show More Authors

View Publication
Scopus (4)
Crossref (3)
Scopus Crossref
Publication Date
Sun Jun 20 2021
Journal Name
Baghdad Science Journal
Performance Evaluation of Intrusion Detection System using Selected Features and Machine Learning Classifiers
...Show More Authors

Some of the main challenges in developing an effective network-based intrusion detection system (IDS) include analyzing large network traffic volumes and realizing the decision boundaries between normal and abnormal behaviors. Deploying feature selection together with efficient classifiers in the detection system can overcome these problems.  Feature selection finds the most relevant features, thus reduces the dimensionality and complexity to analyze the network traffic.  Moreover, using the most relevant features to build the predictive model, reduces the complexity of the developed model, thus reducing the building classifier model time and consequently improves the detection performance.  In this study, two different sets of select

... Show More
View Publication Preview PDF
Scopus (26)
Crossref (18)
Scopus Clarivate Crossref
Publication Date
Wed Nov 30 2022
Journal Name
Iraqi Journal Of Science
Breast Cancer Detection using Decision Tree and K-Nearest Neighbour Classifiers
...Show More Authors

      Data mining has the most important role in healthcare for discovering hidden relationships in big datasets, especially in breast cancer diagnostics, which is the most popular cause of death in the world. In this paper two algorithms are applied that are decision tree and K-Nearest Neighbour for diagnosing Breast Cancer Grad in order to reduce its risk on patients. In decision tree with feature selection, the Gini index gives an accuracy of %87.83, while with entropy, the feature selection gives an accuracy of %86.77. In both cases, Age appeared as the  most effective parameter, particularly when Age<49.5. Whereas  Ki67  appeared as a second effective parameter. Furthermore, K- Nearest Neighbor is based on the minimu

... Show More
Scopus (12)
Crossref (8)
Scopus Crossref
Publication Date
Sun Jan 22 2023
Journal Name
Mesopotamian Journal Of Big Data
Parallel Machine Learning Algorithms
...Show More Authors

 To expedite the learning process, a group of algorithms known as parallel machine learning algorithmscan be executed simultaneously on several computers or processors. As data grows in both size andcomplexity, and as businesses seek efficient ways to mine that data for insights, algorithms like thesewill become increasingly crucial. Data parallelism, model parallelism, and hybrid techniques are justsome of the methods described in this article for speeding up machine learning algorithms. We alsocover the benefits and threats associated with parallel machine learning, such as data splitting,communication, and scalability. We compare how well various methods perform on a variety ofmachine learning tasks and datasets, and we talk abo

... Show More
View Publication
Scopus (23)
Crossref (15)
Scopus Crossref
Publication Date
Mon Dec 20 2021
Journal Name
Baghdad Science Journal
Recurrent Stroke Prediction using Machine Learning Algorithms with Clinical Public Datasets: An Empirical Performance Evaluation
...Show More Authors

Recurrent strokes can be devastating, often resulting in severe disability or death. However, nearly 90% of the causes of recurrent stroke are modifiable, which means recurrent strokes can be averted by controlling risk factors, which are mainly behavioral and metabolic in nature. Thus, it shows that from the previous works that recurrent stroke prediction model could help in minimizing the possibility of getting recurrent stroke. Previous works have shown promising results in predicting first-time stroke cases with machine learning approaches. However, there are limited works on recurrent stroke prediction using machine learning methods. Hence, this work is proposed to perform an empirical analysis and to investigate machine learning al

... Show More
View Publication Preview PDF
Scopus (13)
Crossref (7)
Scopus Clarivate Crossref
Publication Date
Tue May 23 2023
Journal Name
Journal Of Engineering
Enhancement of the Detection of the TCP SYN Flooding (DDoS) Attack
...Show More Authors

The major of DDoS attacks use TCP protocol and the TCP SYN flooding attack is the most common one among them. The SYN Cookie mechanism is used to defend against the TCP SYN flooding attack. It is an effective defense, but it has a disadvantage of high calculations and it doesn’t differentiate spoofed packets from legitimate packets. Therefore, filtering the spoofed packet can effectively enhance the SYN Cookie activity. Hop Count Filtering (HCF) is another mechanism used at the server side to filter spoofed packets. This mechanism has a drawback of being not a perfect and final solution in defending against the TCP SYN flooding attack. An enhanced mechanism of Integrating and combining the SYN Cookie with Hop Count Filtering (HCF) mech

... Show More
View Publication Preview PDF
Crossref