Developing tunable machine learning workflow for traffic analysis in SDN
Traffic monitoring is a critical issue in networking in general, especially in SDN due to its layered architecture in which the control plane represents a single point of failure. Therefore, this paper is tailored to mitigate the control and mitigate the effect od the DDoS attacks in SDN networks. I...
Saved in:
| Published in | Serbian journal of electrical engineering Vol. 22; no. 2; pp. 183 - 199 |
|---|---|
| Main Authors | , |
| Format | Journal Article |
| Language | English |
| Published |
Faculty of Technical Sciences in Cacak
01.01.2025
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 1451-4869 2217-7183 2217-7183 |
| DOI | 10.2298/SJEE2502183S |
Cover
| Abstract | Traffic monitoring is a critical issue in networking in general, especially in SDN due to its layered architecture in which the control plane represents a single point of failure. Therefore, this paper is tailored to mitigate the control and mitigate the effect od the DDoS attacks in SDN networks. It presents a complete machine learning (ML) workflow that begins with data ingestion and end with a trained model that is capable of analyzing packets in a production network. Three ML pipelines are part of this workflow, where the training process is carried out on a distributed framework, i.e., Spark, to accomplish a near real time analysis for each flow of packets. To evaluate the performance of the suggested workflow, the LRHR DDoS 2024 dataset is employed. The decision tree model outperforms the remaining models with 99% of accuracy and 4 min 33 s of training time. |
|---|---|
| AbstractList | Traffic monitoring is a critical issue in networking in general, especially in SDN due to its layered architecture in which the control plane represents a single point of failure. Therefore, this paper is tailored to mitigate the control and mitigate the effect od the DDoS attacks in SDN networks. It presents a complete machine learning (ML) workflow that begins with data ingestion and end with a trained model that is capable of analyzing packets in a production network. Three ML pipelines are part of this workflow, where the training process is carried out on a distributed framework, i.e., Spark, to accomplish a near real time analysis for each flow of packets. To evaluate the performance of the suggested workflow, the LRHR DDoS 2024 dataset is employed. The decision tree model outperforms the remaining models with 99% of accuracy and 4 min 33 s of training time. |
| Author | Jeiad, Hassan Samaan, Sama |
| Author_xml | – sequence: 1 givenname: Sama orcidid: 0000-0002-6805-1483 surname: Samaan fullname: Samaan, Sama organization: Computer Engineering Department, University of Technology, Iraq – sequence: 2 givenname: Hassan orcidid: 0000-0001-5560-3157 surname: Jeiad fullname: Jeiad, Hassan organization: Computer Engineering Department, University of Technology, Iraq |
| BookMark | eNplkc1OAjEUhRujiYjsfIA-gKNtp3-zNICCIbpA15M7My0Olpa0IOHtHYQYE-_m5p578i3OuULnPniD0A0ld4wV-n7-PB4zQRjV-fwM9RijKlPdcY56lAuacS2LSzRIaUm6kYopIXtoMjJfxoV16xd4s_VQOYNXUH-03mBnIPrDYxfip3Vhh22IeBPB2rbG4MHtU5tw6_F89HKNLiy4ZAan3Ufvj-O34SSbvT5Nhw-zrGY0T5mxitVMVpwrWjDLaimh0ZUECQe1AEKaAjRXgldQ0JyqWjHQQjeaS6lU3kfTI7cJsCzXsV1B3JcB2vJHCHFRQty0tTOltcxKm9NcKcNFJQojJGOakiLXmkjesbIja-vXsN-Bc79ASspDqmVaGnNKNXX-26O_jiGlaOw_-98S8m9gCnif |
| Cites_doi | 10.3390/s21196585 10.1109/BigComp.2018.00044 10.1007/s13042-024-02465-0 10.11591/ijai.v12.i2.pp861-873 10.11591/eei.v12i4.4711 10.1038/s41596-019-0251-6 10.1016/j.procs.2020.04.167 10.1109/COMST.2018.2866942 10.1109/ICC.2018.8422327 10.3390/info13020058 10.33640/2405-609X.3197 10.1049/gtd2.12997 10.2298/SJEE2402235N 10.33103/uot.ijccce.21.1.1 10.1504/IJDMB.2020.105438 10.1109/ITCE48509.2020.9047795 10.11591/eei.v11i4.3835 10.3390/s22218287 10.1109/iCMLDE49015.2019.00012 10.26599/BDMA.2018.9020005 10.3390/bdcc6020038 10.11591/ijai.v11.i2.pp448-461 10.1002/dac.3497 10.2298/SJEE2203273M 10.1016/j.cosrev.2020.100279 10.3390/s22155551 10.1155/2019/8012568 10.1007/s11277-021-08127-6 10.1109/MPOT.2020.3016280 10.32604/cmes.2022.020724 |
| ContentType | Journal Article |
| DBID | AAYXX CITATION ADTOC UNPAY DOA |
| DOI | 10.2298/SJEE2502183S |
| DatabaseName | CrossRef Unpaywall for CDI: Periodical Content Unpaywall DOAJ Directory of Open Access Journals |
| DatabaseTitle | CrossRef |
| DatabaseTitleList | CrossRef |
| Database_xml | – sequence: 1 dbid: DOA name: DOAJ Directory of Open Access Journals url: https://www.doaj.org/ sourceTypes: Open Website – sequence: 2 dbid: UNPAY name: Unpaywall url: https://proxy.k.utb.cz/login?url=https://unpaywall.org/ sourceTypes: Open Access Repository |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Engineering |
| EISSN | 2217-7183 |
| EndPage | 199 |
| ExternalDocumentID | oai_doaj_org_article_ff2f6f31377e45b59e56228109388064 10.2298/sjee2502183s 10_2298_SJEE2502183S |
| GroupedDBID | 53S 5VS AAYXX ABDBF ACUHS ADBBV ALMA_UNASSIGNED_HOLDINGS BCNDV CITATION ESX GROUPED_DOAJ I-F IPNFZ KQ8 MK~ OK1 P2P RIG TUS ADTOC UNPAY |
| ID | FETCH-LOGICAL-c213s-ef72c26b447192f2c66ad8b6a6a26b49a00d9a84754ba91317c72a858d8466773 |
| IEDL.DBID | DOA |
| ISSN | 1451-4869 2217-7183 |
| IngestDate | Fri Oct 03 12:53:30 EDT 2025 Mon Sep 15 10:19:29 EDT 2025 Wed Oct 01 05:40:58 EDT 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 2 |
| Language | English |
| License | http://creativecommons.org/licenses/by-nc-nd/4.0 cc-by-nc-nd |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-c213s-ef72c26b447192f2c66ad8b6a6a26b49a00d9a84754ba91317c72a858d8466773 |
| ORCID | 0000-0002-6805-1483 0000-0001-5560-3157 |
| OpenAccessLink | https://doaj.org/article/ff2f6f31377e45b59e56228109388064 |
| PageCount | 17 |
| ParticipantIDs | doaj_primary_oai_doaj_org_article_ff2f6f31377e45b59e56228109388064 unpaywall_primary_10_2298_sjee2502183s crossref_primary_10_2298_SJEE2502183S |
| ProviderPackageCode | CITATION AAYXX |
| PublicationCentury | 2000 |
| PublicationDate | 2025-01-01 |
| PublicationDateYYYYMMDD | 2025-01-01 |
| PublicationDate_xml | – month: 01 year: 2025 text: 2025-01-01 day: 01 |
| PublicationDecade | 2020 |
| PublicationTitle | Serbian journal of electrical engineering |
| PublicationYear | 2025 |
| Publisher | Faculty of Technical Sciences in Cacak |
| Publisher_xml | – name: Faculty of Technical Sciences in Cacak |
| References | ref13 ref12 ref15 ref14 ref31 ref30 ref11 ref10 ref2 ref1 ref17 ref16 ref19 ref18 ref24 ref23 ref26 ref25 ref20 ref22 ref21 ref28 ref27 ref29 ref8 ref7 ref9 ref4 ref3 ref6 ref5 |
| References_xml | – ident: ref3 doi: 10.3390/s21196585 – ident: ref6 doi: 10.1109/BigComp.2018.00044 – ident: ref27 doi: 10.1007/s13042-024-02465-0 – ident: ref14 doi: 10.11591/ijai.v12.i2.pp861-873 – ident: ref31 doi: 10.11591/eei.v12i4.4711 – ident: ref25 doi: 10.1038/s41596-019-0251-6 – ident: ref18 doi: 10.1016/j.procs.2020.04.167 – ident: ref21 doi: 10.1109/COMST.2018.2866942 – ident: ref29 doi: 10.1109/ICC.2018.8422327 – ident: ref13 doi: 10.3390/info13020058 – ident: ref23 doi: 10.33640/2405-609X.3197 – ident: ref15 doi: 10.1049/gtd2.12997 – ident: ref2 doi: 10.2298/SJEE2402235N – ident: ref24 doi: 10.33103/uot.ijccce.21.1.1 – ident: ref16 doi: 10.1504/IJDMB.2020.105438 – ident: ref30 – ident: ref19 doi: 10.1109/ITCE48509.2020.9047795 – ident: ref26 doi: 10.11591/eei.v11i4.3835 – ident: ref4 doi: 10.3390/s22218287 – ident: ref11 doi: 10.1109/iCMLDE49015.2019.00012 – ident: ref28 doi: 10.26599/BDMA.2018.9020005 – ident: ref17 doi: 10.3390/bdcc6020038 – ident: ref22 doi: 10.11591/ijai.v11.i2.pp448-461 – ident: ref5 doi: 10.1002/dac.3497 – ident: ref12 doi: 10.2298/SJEE2203273M – ident: ref9 doi: 10.1016/j.cosrev.2020.100279 – ident: ref1 doi: 10.3390/s22155551 – ident: ref7 doi: 10.1155/2019/8012568 – ident: ref8 doi: 10.1007/s11277-021-08127-6 – ident: ref10 doi: 10.1109/MPOT.2020.3016280 – ident: ref20 doi: 10.32604/cmes.2022.020724 |
| SSID | ssj0000672756 |
| Score | 2.281359 |
| Snippet | Traffic monitoring is a critical issue in networking in general, especially in SDN due to its layered architecture in which the control plane represents a... |
| SourceID | doaj unpaywall crossref |
| SourceType | Open Website Open Access Repository Index Database |
| StartPage | 183 |
| SubjectTerms | machine learning pipeline machine learning workflow sdn spark traffic analysis |
| SummonAdditionalLinks | – databaseName: Unpaywall dbid: UNPAY link: http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1NTxsxEB214dByoJ-I0A_5UHrbkHhtr32kJShCalQpREpPK9trIyBsULIRgl_fmc0mTcWlvVqzsuyx_Z69M28AvoRoEeW8TrrOiURo4xOX6TTpOdHLYlFIXyfS_hiqwVicT-Tkz9MFRVXiXqZqJFe2U7rOfHFM_ZI6Lf0xFRJvPFoZBG7C9tFz2FESSXgLdsbDnye_6lyixobKyiHhTvD0TVch75wbfby4DqH5fPEXGNWa_bvwYlne2Yd7O51uAc3ZK5is03VW8SU3nWXlOv7xqXrj_47hNew15JOdrFbLG3gWyrewuyVJ-A4Gp5ssKlYt68QqdlsHXAbWVJi4ZBTMFaeze4aMl1VzSzIUzDbyJuyqZKPT4XsYn_Uvvg-SptpC4nkvXSQhZtxz5QTCleGRe6VsoZ2yylKrsd1uYSyCmRTOmh7yDp9xq6UukMKoLEv3oVXOynBAeeDCae6yqKIWXDgXkQdJ7Y3uCsdT24aj9bTndytRjRwvI-SefHTe769npg3fyCcbG5LCrhtm88u82Vl5jBz7SUk5MQjppAlI6bgmmSw8m5Row9eNR5_0tr0YDv_V8AO85FQFuH6I-Qitar4Mn5CaVO5zswx_A-iA3gw priority: 102 providerName: Unpaywall |
| Title | Developing tunable machine learning workflow for traffic analysis in SDN |
| URI | http://www.doiserbia.nb.rs/ft.aspx?id=1451-48692502183S https://doaj.org/article/ff2f6f31377e45b59e56228109388064 |
| UnpaywallVersion | publishedVersion |
| Volume | 22 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVAFT databaseName: Open Access Digital Library customDbUrl: eissn: 2217-7183 dateEnd: 99991231 omitProxy: true ssIdentifier: ssj0000672756 issn: 2217-7183 databaseCode: KQ8 dateStart: 20030101 isFulltext: true titleUrlDefault: http://grweb.coalliance.org/oadl/oadl.html providerName: Colorado Alliance of Research Libraries – providerCode: PRVAON databaseName: DOAJ Directory of Open Access Journals customDbUrl: eissn: 2217-7183 dateEnd: 99991231 omitProxy: true ssIdentifier: ssj0000672756 issn: 2217-7183 databaseCode: DOA dateStart: 20030101 isFulltext: true titleUrlDefault: https://www.doaj.org/ providerName: Directory of Open Access Journals – providerCode: PRVEBS databaseName: EBSCOhost Academic Search Ultimate customDbUrl: https://search.ebscohost.com/login.aspx?authtype=ip,shib&custid=s3936755&profile=ehost&defaultdb=asn eissn: 2217-7183 dateEnd: 99991231 omitProxy: true ssIdentifier: ssj0000672756 issn: 2217-7183 databaseCode: ABDBF dateStart: 20101101 isFulltext: true titleUrlDefault: https://search.ebscohost.com/direct.asp?db=asn providerName: EBSCOhost |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwrV3PS8MwFA4yD7qD-BPnL3JQb2VdmqTJcXMbY-AQ5mCeSpImosxubB3D_94kraPiwYvHhsIrX0K-75X3vgfArTbCspxiQSglDjDjKpAxi4KWxK3YpClRvpH2cUQHEzyckmll1JerCSvsgQvgmsYgQ03kjPE0JpJwbRkbMeeCZI8e9U6gIeOVZKq8g52vuW8tIjZJYpQXVe8IcdYcD3s9S_1OHYx_8JG37a-DvXW2EJ8bMZtVuKZ_CA5KkQjbxccdgR2dHYN6xTrwBAy6224nmK99AxT88IWRGpaTIF6hK7oys_kGWmUK86VwdhFQlDYk8C2D4-7oFEz6veeHQVBORQgUakWrQJsYKUQltrTCkUGKUpEySQUVbpWLMEy5sKRDsBS8ZfWBipFghKVWatA4js5ALZtn-tz1a2PJkIwtwAwjLKWxeoUwxVmIJYpEA9x9Y5MsCvOLxCYNDsOkimEDdBxw23ecZbVfsBuZlBuZ_LWRDXC_hf1XtNW71mW01cV_RLsE-8hN8vU_U65ALV-u9bWVF7m8AbvtTrfTv_Enyj5NRk_tly82v8qt |
| linkProvider | Directory of Open Access Journals |
| linkToUnpaywall | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1NTxsxEB214dByoJ-I0A_5UHrbkHhtr32kJShCalQpREpPK9trIyBsULIRgl_fmc0mTcWlvVqzsuyx_Z69M28AvoRoEeW8TrrOiURo4xOX6TTpOdHLYlFIXyfS_hiqwVicT-Tkz9MFRVXiXqZqJFe2U7rOfHFM_ZI6Lf0xFRJvPFoZBG7C9tFz2FESSXgLdsbDnye_6lyixobKyiHhTvD0TVch75wbfby4DqH5fPEXGNWa_bvwYlne2Yd7O51uAc3ZK5is03VW8SU3nWXlOv7xqXrj_47hNew15JOdrFbLG3gWyrewuyVJ-A4Gp5ssKlYt68QqdlsHXAbWVJi4ZBTMFaeze4aMl1VzSzIUzDbyJuyqZKPT4XsYn_Uvvg-SptpC4nkvXSQhZtxz5QTCleGRe6VsoZ2yylKrsd1uYSyCmRTOmh7yDp9xq6UukMKoLEv3oVXOynBAeeDCae6yqKIWXDgXkQdJ7Y3uCsdT24aj9bTndytRjRwvI-SefHTe769npg3fyCcbG5LCrhtm88u82Vl5jBz7SUk5MQjppAlI6bgmmSw8m5Row9eNR5_0tr0YDv_V8AO85FQFuH6I-Qitar4Mn5CaVO5zswx_A-iA3gw |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Developing+tunable+machine+learning+workflow+for+traffic+analysis+in+SDN&rft.jtitle=Serbian+journal+of+electrical+engineering&rft.au=Samaan%2C+Sama&rft.au=Jeiad%2C+Hassan&rft.date=2025-01-01&rft.issn=1451-4869&rft.eissn=2217-7183&rft.volume=22&rft.issue=2&rft.spage=183&rft.epage=199&rft_id=info:doi/10.2298%2FSJEE2502183S&rft.externalDBID=n%2Fa&rft.externalDocID=10_2298_SJEE2502183S |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=1451-4869&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=1451-4869&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=1451-4869&client=summon |