Developing tunable machine learning workflow for traffic analysis in SDN

Traffic monitoring is a critical issue in networking in general, especially in SDN due to its layered architecture in which the control plane represents a single point of failure. Therefore, this paper is tailored to mitigate the control and mitigate the effect od the DDoS attacks in SDN networks. I...

Full description

Saved in:
Bibliographic Details
Published inSerbian journal of electrical engineering Vol. 22; no. 2; pp. 183 - 199
Main Authors Samaan, Sama, Jeiad, Hassan
Format Journal Article
LanguageEnglish
Published Faculty of Technical Sciences in Cacak 01.01.2025
Subjects
machine learning pipeline
machine learning workflow
sdn
spark
traffic analysis
Online AccessGet full text
ISSN1451-4869
2217-7183
2217-7183
DOI10.2298/SJEE2502183S

Cover

More Information
Summary:Traffic monitoring is a critical issue in networking in general, especially in SDN due to its layered architecture in which the control plane represents a single point of failure. Therefore, this paper is tailored to mitigate the control and mitigate the effect od the DDoS attacks in SDN networks. It presents a complete machine learning (ML) workflow that begins with data ingestion and end with a trained model that is capable of analyzing packets in a production network. Three ML pipelines are part of this workflow, where the training process is carried out on a distributed framework, i.e., Spark, to accomplish a near real time analysis for each flow of packets. To evaluate the performance of the suggested workflow, the LRHR DDoS 2024 dataset is employed. The decision tree model outperforms the remaining models with 99% of accuracy and 4 min 33 s of training time.
ISSN:1451-4869
2217-7183
2217-7183
DOI:10.2298/SJEE2502183S