<span>Distributed denial-of-service (DDoS) attack is bluster to network security that purpose at exhausted the networks with malicious traffic. Although several techniques have been designed for DDoS attack detection, intrusion detection system (IDS) It has a great role in protecting the network system and has the ability to collect and analyze data from various network sources to discover any unauthorized access. The goal of IDS is to detect malicious traffic and defend the system against any fraudulent activity or illegal traffic. Therefore, IDS monitors outgoing and incoming network traffic. This paper contains a based intrusion detection system for DDoS attack, and has the ability to detect the attack intelligently, dynami

The major of DDoS attacks use TCP protocol and the TCP SYN flooding attack is the most common one among them. The SYN Cookie mechanism is used to defend against the TCP SYN flooding attack. It is an effective defense, but it has a disadvantage of high calculations and it doesn’t differentiate spoofed packets from legitimate packets. Therefore, filtering the spoofed packet can effectively enhance the SYN Cookie activity. Hop Count Filtering (HCF) is another mechanism used at the server side to filter spoofed packets. This mechanism has a drawback of being not a perfect and final solution in defending against the TCP SYN flooding attack. An enhanced mechanism of Integrating and combining the SYN Cookie with Hop Count Filtering (HCF) mech

Software-defined networks (SDN) have a centralized control architecture that makes them a tempting target for cyber attackers. One of the major threats is distributed denial of service (DDoS) attacks. It aims to exhaust network resources to make its services unavailable to legitimate users. DDoS attack detection based on machine learning algorithms is considered one of the most used techniques in SDN security. In this paper, four machine learning techniques (Random Forest, K-nearest neighbors, Naive Bayes, and Logistic Regression) have been tested to detect DDoS attacks. Also, a mitigation technique has been used to eliminate the attack effect on SDN. RF and KNN were selected because of their high accuracy results. Three types of ne

Abstract Software-Defined Networking (commonly referred to as SDN) is a newer paradigm that develops the concept of a software-driven network by separating data and control planes. It can handle the traditional network problems. However, this excellent architecture is subjected to various security threats. One of these issues is the distributed denial of service (DDoS) attack, which is difficult to contain in this kind of software-based network. Several security solutions have been proposed recently to secure SDN against DDoS attacks. This paper aims to analyze and discuss machine learning-based systems for SDN security networks from DDoS attack. The results have indicated that the algorithms for machine learning can be used to detect DDoS

Intrusion detection system is an imperative role in increasing security and decreasing the harm of the computer security system and information system when using of network. It observes different events in a network or system to decide occurring an intrusion or not and it is used to make strategic decision, security purposes and analyzing directions. This paper describes host based intrusion detection system architecture for DDoS attack, which intelligently detects the intrusion periodically and dynamically by evaluating the intruder group respective to the present node with its neighbors. We analyze a dependable dataset named CICIDS 2017 that contains benign and DDoS attack network flows, which meets certifiable criteria and is ope

HM Al-Dabbas, RA Azeez, AE Ali, IRAQI JOURNAL OF COMPUTERS, COMMUNICATIONS, CONTROL AND SYSTEMS ENGINEERING, 2023

The recent advancements in security approaches have significantly increased the ability to identify and mitigate any type of threat or attack in any network infrastructure, such as a software-defined network (SDN), and protect the internet security architecture against a variety of threats or attacks. Machine learning (ML) and deep learning (DL) are among the most popular techniques for preventing distributed denial-of-service (DDoS) attacks on any kind of network. The objective of this systematic review is to identify, evaluate, and discuss new efforts on ML/DL-based DDoS attack detection strategies in SDN networks. To reach our objective, we conducted a systematic review in which we looked for publications that used ML/DL approach

Achieving reliable operation under the influence of deep-submicrometer noise sources including crosstalk noise at low voltage operation is a major challenge for network on chip links. In this paper, we propose a coding scheme that simultaneously addresses crosstalk effects on signal delay and detects up to seven random errors through wire duplication and simple parity checks calculated over the rows and columns of the two-dimensional data. This high error detection capability enables the reduction of operating voltage on the wire leading to energy saving. The results show that the proposed scheme reduces the energy consumption up to 53% as compared to other schemes at iso-reliability performance despite the increase in the overhead number o