Early Detection of Distributed Denial of Service (DDoS) Network Disruption Using the Shannon Entropy Method on Software Defined Networks (SDN)

Authors

  • Achmad Solichin Universitas Budi Luhur, Jakarta
  • Ludi Nugroho Universitas Budi Luhur, Jakarta

DOI:

https://doi.org/10.25126/jtiik.938188

Keywords:

early detection, Software Defined Networking, information theory, distributed denial of service, dataset, traffic.

Abstract

Software Defined Networking (SDN) is a new network architecture that separates the control plane from the data plane. One of the main security concerns for the control plane is DoS and DDoS attacks. A DDoS attack degrades network performance so that the network runs very slowly. The attack works by infiltrating and flooding the bandwidth to the target's resources, which can cause denial of service for the users who access it. In addition, DDoS attacks deplete network resources such as memory and CPU capacity. As a result, significant damage to the victim system can lead to losses, whether financial, reputational, or even the loss of customers who need the service. Preventing DDoS attacks requires a preventive measure, namely early detection of DDoS attacks, to reduce the impact of the attack and restore the system more quickly. Early detection of disruption caused by DDoS in SDN networks is carried out with an entropy metric based on information theory. This research focuses on early detection of DDoS attacks in an SDN environment using the Shannon Entropy method by detecting normal and DDoS traffic. It uses the public InSDN dataset, published in 2020, to determine the threshold values for normal and DDoS traffic. As a result, the research successfully performed early detection of normal traffic and DDoS attack traffic with entropy values consistent with the thresholds, with 100% accuracy, 100% precision and 100% recall, calculated using a confusion matrix. Early detection shows accuracy and performance that can contribute substantially to supporting the level of security through early-stage prevention, so the results can improve security and effectiveness in SDN environments.
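The detection approach the abstract describes (Shannon entropy per traffic window, a threshold separating normal from DDoS traffic, and confusion-matrix scoring) can be sketched as follows. This is an added example, not the authors' code: the destination-IP feature, the window size, the threshold value and the sample traffic are all assumptions constructed here, so its scores say nothing about the paper's InSDN results.

```python
import math
from collections import Counter

WINDOW = 50       # packets per window: assumed, not taken from the paper
THRESHOLD = 0.35  # normalized-entropy cutoff: assumed, not the paper's value

def shannon_entropy(values):
    """H = -sum(p_i * log2(p_i)) over the empirical distribution of values."""
    n = len(values)
    return -sum((c / n) * math.log2(c / n) for c in Counter(values).values())

def normalized_entropy(values):
    """Scale H into [0, 1] by the maximum log2(n) for a window of n packets."""
    if len(values) <= 1:
        return 0.0  # empty or single-packet window carries no distribution
    return shannon_entropy(values) / math.log2(len(values))

def classify(window):
    """Traffic converging on one destination lowers entropy below the cutoff."""
    if len(window) < WINDOW:
        return "normal"  # assumed policy: too few packets to judge
    return "ddos" if normalized_entropy(window) < THRESHOLD else "normal"

def confusion_metrics(labelled):
    """Accuracy, precision and recall with 'ddos' as the positive class."""
    tp = fp = tn = fn = 0
    for truth, window in labelled:
        pred = classify(window)
        if pred == "ddos":
            tp, fp = tp + (truth == "ddos"), fp + (truth != "ddos")
        else:
            tn, fn = tn + (truth == "normal"), fn + (truth != "normal")
    return {
        "accuracy": (tp + tn) / len(labelled),
        "precision": tp / (tp + fp) if tp + fp else 0.0,
        "recall": tp / (tp + fn) if tp + fn else 0.0,
    }

# Constructed sample traffic (destination IPs only), not drawn from InSDN.
HOSTS = [f"10.0.0.{i}" for i in range(1, 11)]

def normal_window(offset=0):
    return [HOSTS[(offset + i) % len(HOSTS)] for i in range(WINDOW)]

def attack_window():
    return [HOSTS[0]] * (WINDOW - 4) + HOSTS[1:5]  # 46 of 50 packets hit one host

SAMPLE = [("normal", normal_window(o)) for o in range(3)] + [("ddos", attack_window())] * 3
```

In practice the threshold would be fitted to labelled traffic, as the abstract describes doing with InSDN, rather than fixed by hand.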


Published

31-07-2024

Issue

Section

Computer Science

How to Cite

Early Detection of Distributed Denial of Service (DDoS) Network Disruption Using the Shannon Entropy Method on Software Defined Networks (SDN). (2024). Jurnal Teknologi Informasi Dan Ilmu Komputer, 11(3), 461-474. https://doi.org/10.25126/jtiik.938188