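@comment{Scopus export of a conference paper on online machine-learning detection of low-rate DDoS (LDDoS) attacks in SDN. Reviewer caveat: the abstract states its accuracy figure on the training data, so check whether the paper reports held-out results before citing it as evidence of detection performance on unseen or zero-day traffic. The citation count in the note field is a snapshot from export time.}

@inproceedings{scholars19036,
  author    = {Alashhab, A. A. and Mohd Zahid, M. S. and Alashhab, M. and Alashhab, S.},
  title     = {Online Machine Learning Approach to Detect and Mitigate Low-Rate {DDoS} Attacks in {SDN}-Based Networks},
  booktitle = {5th {IEEE} International Conference on Artificial Intelligence in Engineering and Technology, {IICAIET} 2023},
  publisher = {Institute of Electrical and Electronics Engineers Inc.},
  year      = {2023},
  pages     = {152--157},
  doi       = {10.1109/IICAIET59451.2023.10291787},
  isbn      = {9798350304152},
  url       = {https://www.scopus.com/inward/record.uri?eid=2-s2.0-85178630136&doi=10.1109\%2fIICAIET59451.2023.10291787&partnerID=40&md5=20f86b89230f8f84627504d77ee6c2e1},
  keywords  = {Adaptive boosting; Deep learning; Denial-of-service attack; E-learning; Gradient methods; Learning systems; Network architecture; Stochastic models; Zero-day attack, Denial-of-service attacks; Distributed denial of service; Explainable boosting machine; LDDoS attack; Machine-learning; Online machine learning; Online machines; Open flow; Software-defined networkings; Stochastic gradient descent, Stochastic systems},
  abstract  = {Software Defined Networking (SDN) technology provides rapid configuration, scalability, and management through its dynamic, programmable architecture that outperforms traditional network architecture with limitations on scalability and management. However, the threat of Distributed Denial of Service (DDoS) attacks remains difficult to detect and threatens traditional and SDN-based networks. Fortunately, Machine Learning (ML) and Deep Learning (DL) technologies along with SDN have proven to have a superior potential to deal with these threats effectively. However, most of the previous studies focused on resolving high-rate DDoS attacks, and only a few dealt with the detection of Low-rate DDoS attacks that are difficult to detect due to their similarity to legitimate traffic. In addition, these studies do not utilize up to date data sets that contain the new features. To address this issue, we propose an online machine learning model that utilizes Stochastic Gradient Descent (SGD) optimizer and Explainable Boosting Machine (EBM) classifier to detect LDDoS attacks in SDN-based networks. Our model is designed to process large amounts of network traffic data in real-time and updates the model parameters incrementally to continually train the model on expected DDoS attacks, as the attack may change and appear differently. We evaluated the proposed approach in an SDN-simulated environment using Mininet and the Ryu controller. Our experimental results show that the proposed EBM model achieves high accuracy and outperforms existing methods, with 99\% accuracy on the training data. The proposed system effectively counters LDDoS attacks and adapts to future mutations and zero-day DDoS attacks. {\copyright} 2023 IEEE.},
  note      = {cited By 2; Conference of 5th IEEE International Conference on Artificial Intelligence in Engineering and Technology, IICAIET 2023 ; Conference Date: 12 September 2023 Through 14 September 2023; Conference Code:193996},
}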