Naïve Bayes Anomaly Detection System Design On Openflow Network

  • Nehemia Edbertus
  • Samuel Hutagalung
  • Hargyo Tri Nugroho

Abstract

One commonly launched attack is Distributed Denial of Service (DDoS), which renders its target unable to provide its service. The Gaussian Naïve Bayes classifier is one of several techniques used to detect such attacks: it classifies the network traffic in a window as attack or normal traffic based on normal distributions previously calculated from normal and attack traffic datasets. This research focuses on mitigating SYN flood DDoS attacks on an OpenFlow network using a Zodiac FX as the switch. The developed system uses the OpenFlow protocol to apply flow rules in the switch's flow table in order to detect and mitigate SYN flood attacks in real time. The mitigation procedure diverts incoming packets to a SYN proxy so that only legitimate TCP packets are able to reach the server. The results show that the system has a bandwidth of up to 60 Mbps under normal conditions and 5,03 Mbps under attack. The maximum number of malicious packets that can reach the server before traffic is diverted to the SYN proxy is estimated to be 400 packets and is not affected by the number of attacks, assuming that the flow rules sent by the controller are enacted immediately.
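
The following Python example is added here and is not code from the paper; it implements the per-window Gaussian Naïve Bayes decision the abstract describes, fitting one normal distribution per feature and per class and labelling a window with the class of highest posterior. The two features, the training and test values, and all function names are assumptions made for this example, since the abstract does not list them.

```python
import math

# Constructed training windows; the feature choice is an assumption of this example.
# Each row: (SYN packets seen in the window, fraction of handshakes completed by an ACK).
NORMAL = [(40, 0.95), (55, 0.92), (35, 0.97), (60, 0.90), (48, 0.94)]
ATTACK = [(900, 0.05), (1200, 0.02), (750, 0.10), (1500, 0.01), (1000, 0.04)]
VAR_FLOOR = 1e-6  # avoids division by zero when a feature barely varies


def fit(rows):
    """Per-feature (mean, variance) for one class."""
    stats = []
    for col in zip(*rows):
        mean = sum(col) / len(col)
        var = sum((x - mean) ** 2 for x in col) / len(col)
        stats.append((mean, max(var, VAR_FLOOR)))
    return stats


def train(normal, attack):
    """Log prior and Gaussian parameters per class."""
    n = len(normal) + len(attack)
    return {"normal": (math.log(len(normal) / n), fit(normal)),
            "attack": (math.log(len(attack) / n), fit(attack))}


def log_posterior(window, prior, stats):
    """Log prior plus summed log Gaussian densities (features treated as independent)."""
    score = prior
    for x, (mean, var) in zip(window, stats):
        score += -0.5 * math.log(2 * math.pi * var) - (x - mean) ** 2 / (2 * var)
    return score


def classify(window, model):
    """Label one traffic window with the class of highest log posterior."""
    return max(model, key=lambda label: log_posterior(window, *model[label]))


MODEL = train(NORMAL, ATTACK)

if __name__ == "__main__":
    for w in [(50, 0.93), (1100, 0.03), (300, 0.40)]:  # constructed test windows
        print(w, "->", classify(w, MODEL))
```

In a deployment like the one described, an "attack" label for a window would be the trigger for the controller to install the flow rule that diverts traffic to the SYN proxy.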

Published
2020-01-16
How to Cite
Edbertus, N., Hutagalung, S., & Nugroho, H. (2020). Naïve Bayes Anomaly Detection System Design On Openflow Network. IJNMT (International Journal of New Media Technology), 6(2), 64-67. https://doi.org/10.31937/ijnmt.v6i2.1186