Portal de Periódicos da CAPES

Ascertain the efficient machine learning approach to detect different ARP attacks

2022; Elsevier BV; Volume: 99; Linguagem: Inglês

10.1016/j.compeleceng.2022.107757

1879-0755

Nisha Ahuja, Gaurav Singal, Debajyoti Mukhopadhyay, Ajay Nehra,

Internet Traffic Analysis and Secure E-voting

Software-Defined Networking (SDN) is a programmable network architecture that allows network devices to be controlled remotely, but it is still highly susceptible to traditional attacks such as Address Resolution Protocol (ARP) Poisoning, ARP Flooding, and others. The classification of benign network traffic from ARP Poison and ARP Flooding attacks is presented in this paper employing machine learning (ML) techniques. A python application is developed at the SDN controller using Mininet that collects and logs the features required to detect the attack into a file known as a traffic dataset. This dataset is used to train the ML model and detect the attacks. The hybrid model of Convolution Neural Network-Long Short Term Memory (CNN-LSTM) model out-performs the other ML models with an accuracy score of 99.73%. During the attack, a high CPU utilization of more than 97% and a high memory usage serve as experimental evidence. The attack detection time of 63000 microseconds also demonstrates the efficiency of attack detection.