Network management is a crucial task to maintain modern systems and applications running. Some applications have become vital for society and are expected to have zero downtime. Software-defined networks is a paradigm that collaborates with the scalability, modularity and manageability of systems by centralizing the network’s controller. However, this creates a weak point for distributed denial of service attacks if unprepared. This study proposes an anomaly detection system to detect distributed denial of service attacks in software-defined networks using generative adversarial neural networks with gated recurrent units. The proposed system uses unsupervised learning to detect unknown attacks in an interval of 1 second. A mitigation algorithm is also proposed to stop distributed denial-of-service attacks from harming the network’s operation. Two datasets were used to validate this model: the first developed by the computer networks study group Orion from the State University of Londrina. The second is a well-known dataset: CIC-DDoS2019, widely used by the anomaly detection community. Besides the gated recurrent units, other types of neurons are also tested in this work, they are: long short-term memory, convolutional and temporal convolutional. The detection module reached an F1-score of 99@ in the first dataset and 98@ in the second, while the mitigation module could drop 99@ of malicious flows in both datasets.
Full Text Finder