{"id":"https://openalex.org/W4388186045","doi":"https://doi.org/10.1109/iicaiet59451.2023.10291787","title":"Online Machine Learning Approach to Detect and Mitigate Low-Rate DDoS Attacks in SDN-Based Networks","display_name":"Online Machine Learning Approach to Detect and Mitigate Low-Rate DDoS Attacks in SDN-Based Networks","publication_year":2023,"publication_date":"2023-09-12","ids":{"openalex":"https://openalex.org/W4388186045","doi":"https://doi.org/10.1109/iicaiet59451.2023.10291787"},"language":"en","primary_location":{"id":"doi:10.1109/iicaiet59451.2023.10291787","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/iicaiet59451.2023.10291787","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE International Conference on Artificial Intelligence in Engineering and Technology (IICAIET)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5032580013","display_name":"Abdussalam Ahmed Alashhab","orcid":"https://orcid.org/0000-0002-5594-3415"},"institutions":[{"id":"https://openalex.org/I203899302","display_name":"Universiti Teknologi Petronas","ror":"https://ror.org/048g2sh07","country_code":"MY","type":"education","lineage":["https://openalex.org/I203899302"]},{"id":"https://openalex.org/I3132692309","display_name":"Alasmarya Islamic University","ror":"https://ror.org/01gr30f96","country_code":"LY","type":"education","lineage":["https://openalex.org/I3132692309"]}],"countries":["LY","MY"],"is_corresponding":true,"raw_author_name":"Abdussalam Ahmed Alashhab","raw_affiliation_strings":["Alasmarya Islamic University,Faculty of Information Technology,Department of Computer Science,Zliten,Libya","Department of Computer Science, Faculty of Information Technology, Alasmarya Islamic University, Zliten, Libya","Department of Computer and Information Science, Universiti Teknologi PETRONAS, Seri Iskandar, Malaysia"],"affiliations":[{"raw_affiliation_string":"Alasmarya Islamic University,Faculty of Information Technology,Department of Computer Science,Zliten,Libya","institution_ids":["https://openalex.org/I3132692309"]},{"raw_affiliation_string":"Department of Computer Science, Faculty of Information Technology, Alasmarya Islamic University, Zliten, Libya","institution_ids":["https://openalex.org/I3132692309"]},{"raw_affiliation_string":"Department of Computer and Information Science, Universiti Teknologi PETRONAS, Seri Iskandar, Malaysia","institution_ids":["https://openalex.org/I203899302"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024546347","display_name":"Mohd Soperi Mohd Zahid","orcid":"https://orcid.org/0000-0001-5042-5793"},"institutions":[{"id":"https://openalex.org/I203899302","display_name":"Universiti Teknologi Petronas","ror":"https://ror.org/048g2sh07","country_code":"MY","type":"education","lineage":["https://openalex.org/I203899302"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Mohd Soperi Mohd Zahid","raw_affiliation_strings":["Universiti Teknologi PETRONAS,Department of Computer and Information Science,Seri Iskandar,Malaysia","Department of Computer and Information Science, Universiti Teknologi PETRONAS, Seri Iskandar, Malaysia"],"affiliations":[{"raw_affiliation_string":"Universiti Teknologi PETRONAS,Department of Computer and Information Science,Seri Iskandar,Malaysia","institution_ids":["https://openalex.org/I203899302"]},{"raw_affiliation_string":"Department of Computer and Information Science, Universiti Teknologi PETRONAS, Seri Iskandar, Malaysia","institution_ids":["https://openalex.org/I203899302"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5004960036","display_name":"Mohamed Alashhab","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Mohamed Alashhab","raw_affiliation_strings":["Universiti Sultan Azlan Shah,Faculty of Management and Information Technology,Kuala Kangsar,Malaysia","Faculty of Management and Information Technology, Universiti Sultan Azlan Shah, Kuala Kangsar, Malaysia"],"affiliations":[{"raw_affiliation_string":"Universiti Sultan Azlan Shah,Faculty of Management and Information Technology,Kuala Kangsar,Malaysia","institution_ids":[]},{"raw_affiliation_string":"Faculty of Management and Information Technology, Universiti Sultan Azlan Shah, Kuala Kangsar, Malaysia","institution_ids":[]}]},{"author_position":"last","author":{"id":null,"display_name":"Shehabuldin Alashhab","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Shehabuldin Alashhab","raw_affiliation_strings":["Universiti Sultan Azlan Shah,Faculty of Management and Information Technology,Kuala Kangsar,Malaysia","Faculty of Management and Information Technology, Universiti Sultan Azlan Shah, Kuala Kangsar, Malaysia"],"affiliations":[{"raw_affiliation_string":"Universiti Sultan Azlan Shah,Faculty of Management and Information Technology,Kuala Kangsar,Malaysia","institution_ids":[]},{"raw_affiliation_string":"Faculty of Management and Information Technology, Universiti Sultan Azlan Shah, Kuala Kangsar, Malaysia","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5032580013"],"corresponding_institution_ids":["https://openalex.org/I203899302","https://openalex.org/I3132692309"],"apc_list":null,"apc_paid":null,"fwci":1.4044,"has_fulltext":false,"cited_by_count":7,"citation_normalized_percentile":{"value":0.82823343,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"152","last_page":"157"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8706177473068237},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.8606681227684021},{"id":"https://openalex.org/keywords/software-defined-networking","display_name":"Software-defined networking","score":0.6796801090240479},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.6090637445449829},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5878541469573975},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5579304695129395},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.4509543478488922},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.34299972653388977},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.19492381811141968},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.09126055240631104}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8706177473068237},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.8606681227684021},{"id":"https://openalex.org/C77270119","wikidata":"https://www.wikidata.org/wiki/Q1655198","display_name":"Software-defined networking","level":2,"score":0.6796801090240479},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.6090637445449829},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5878541469573975},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5579304695129395},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.4509543478488922},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.34299972653388977},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.19492381811141968},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.09126055240631104}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/iicaiet59451.2023.10291787","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/iicaiet59451.2023.10291787","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE International Conference on Artificial Intelligence in Engineering and Technology (IICAIET)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":26,"referenced_works":["https://openalex.org/W2111281854","https://openalex.org/W2139869637","https://openalex.org/W2165976789","https://openalex.org/W2490805536","https://openalex.org/W2805697719","https://openalex.org/W2962863496","https://openalex.org/W2999113954","https://openalex.org/W3013300152","https://openalex.org/W3031989616","https://openalex.org/W3081430061","https://openalex.org/W3082972036","https://openalex.org/W3095315490","https://openalex.org/W3117041256","https://openalex.org/W3144411758","https://openalex.org/W3173705396","https://openalex.org/W3182280563","https://openalex.org/W3199977697","https://openalex.org/W4206034117","https://openalex.org/W4210300927","https://openalex.org/W4225562555","https://openalex.org/W4246405190","https://openalex.org/W4289530011","https://openalex.org/W4311224545","https://openalex.org/W4312760756","https://openalex.org/W6745458143","https://openalex.org/W6752263680"],"related_works":["https://openalex.org/W2767068794","https://openalex.org/W4229489764","https://openalex.org/W3114854705","https://openalex.org/W2735897973","https://openalex.org/W4213341501","https://openalex.org/W1543555101","https://openalex.org/W3195575042","https://openalex.org/W2898113880","https://openalex.org/W2793567886","https://openalex.org/W4308272253"],"abstract_inverted_index":{"Software":[0],"Defined":[1],"Networking":[2],"(SDN)":[3],"technology":[4],"provides":[5],"rapid":[6],"configuration,":[7],"scalability,":[8],"and":[9,25,41,44,51,84,143,170,190,204,220,238,243],"management":[10],"through":[11],"its":[12],"dynamic,":[13],"programmable":[14],"architecture":[15,20],"that":[16,96,120,136,212],"outperforms":[17,221],"traditional":[18,43],"network":[19,165],"with":[21,57,68,89,224],"limitations":[22],"on":[23,79,181,227],"scalability":[24],"management.":[26],"However,":[27,72],"the":[28,75,90,122,172,179,186,195,205,213,228],"threat":[29],"of":[30,33,74,92,164],"Distributed":[31],"Denial":[32],"Service":[34],"(DDoS)":[35],"attacks":[36,95,152,237],"remains":[37],"difficult":[38,98],"to":[39,61,66,99,102,105,116,149,160,176,240],"detect":[40,100,150],"threatens":[42],"SDN-based":[45,154],"networks.":[46,155],"Fortunately,":[47],"Machine":[48,146],"Learning":[49,53],"(ML)":[50],"Deep":[52],"(DL)":[54],"technologies":[55],"along":[56],"SDN":[58],"have":[59,62],"proven":[60],"a":[63,86],"superior":[64],"potential":[65],"deal":[67],"these":[69,110],"threats":[70],"effectively.":[71],"most":[73],"previous":[76],"studies":[77,111],"focused":[78],"resolving":[80],"high-rate":[81],"DDoS":[82,94,183,245],"attacks,":[83,184],"only":[85],"few":[87],"dealt":[88],"detection":[91],"Low-rate":[93],"are":[97],"due":[101],"their":[103],"similarity":[104],"legitimate":[106],"traffic.":[107],"In":[108],"addition,":[109],"do":[112],"not":[113],"utilize":[114],"up":[115],"date":[117],"data":[118,167],"sets":[119],"contain":[121],"new":[123],"features.":[124],"To":[125],"address":[126],"this":[127],"issue,":[128],"we":[129],"propose":[130],"an":[131,199],"online":[132],"machine":[133],"learning":[134],"model":[135,157,173,180,216],"utilizes":[137],"Stochastic":[138],"Gradient":[139],"Descent":[140],"(SGD)":[141],"optimizer":[142],"Explainable":[144],"Boosting":[145],"(EBM)":[147],"classifier":[148],"LDDoS":[151,236],"in":[153,168,198],"Our":[156,208],"is":[158],"designed":[159],"process":[161],"large":[162],"amounts":[163],"traffic":[166],"real-time":[169],"updates":[171],"parameters":[174],"incrementally":[175],"continually":[177],"train":[178],"expected":[182],"as":[185],"attack":[187],"may":[188],"change":[189],"appear":[191],"differently.":[192],"We":[193],"evaluated":[194],"proposed":[196,214,232],"approach":[197],"SDN-simulated":[200],"environment":[201],"using":[202],"Mininet":[203],"Ryu":[206],"controller.":[207],"experimental":[209],"results":[210],"show":[211],"EBM":[215],"achieves":[217],"high":[218],"accuracy":[219,226],"existing":[222],"methods,":[223],"99%":[225],"training":[229],"data.":[230],"The":[231],"system":[233],"effectively":[234],"counters":[235],"adapts":[239],"future":[241],"mutations":[242],"zero-day":[244],"attacks.":[246]},"counts_by_year":[{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":1}],"updated_date":"2025-12-23T23:11:35.936235","created_date":"2025-10-10T00:00:00"}