Detection of DDoS attacks in SDN/NFV environments using unsupervised machine learning algorithms on data streams

Bibliographic details
Year of defense: 2021
Main author: Almeida Neto, João Ribeiro de
Advisor: Ribeiro, Admilson Ribamar
Defense committee: Not provided by the institution
Document type: Master's dissertation
Access type: Open access
Language: por
Defending institution: Not provided by the institution
Graduate program: Graduate Program in Computer Science
Department: Not provided by the institution
Country: Not provided by the institution
Keywords in Portuguese:
Keywords in English:
CNPq knowledge area:
Access link: https://ri.ufs.br/jspui/handle/riufs/15022
Abstract: According to data from the Cisco Visual Networking Index (VNI), which aims to make a realistic forecast based on various levels and real data sources, the total number of DDoS attacks worldwide is estimated to reach 14.5 million by 2022. For this reason, protection against DDoS attacks is essential, and new protection techniques need to be developed. These solutions must also take performance and scalability requirements into account. Environments based on the SDN/NFV architecture allow network administrators to detect and react to DDoS attacks more efficiently, because network control is centralized and software-based traffic analysis capabilities can be developed. This dissertation analyzes, through a comparative analysis, the efficiency and effectiveness of unsupervised machine learning algorithms that work with the data flow strategy in detecting DDoS attacks in SDN/NFV environments. First, a Systematic Literature Mapping was carried out, which served as the basis for a first experiment. Then, a Systematic Literature Review was carried out, including works that used unsupervised machine learning to detect DDoS attacks and that worked with the data flow strategy, as this characteristic is inherent to the SDN/NFV environment. The algorithms chosen were BIRCH, Mini-batch k-means, Clustream, StreamKM++, DenStream, and D-Stream. After that, a platform was set up to run the experiment and a dataset was developed. After the tests, a qualitative and a quantitative analysis of the results were performed. The qualitative analysis compared how effective the algorithms are in detecting DDoS attacks, and the quantitative analysis compared their efficiency, in this case the processing speed of the algorithms in this detection.
The results show that BIRCH, Mini-batch k-means, Clustream, and StreamKM++ obtained accuracy around 99%, while DenStream and D-Stream reached accuracy around 79%. The shortest total execution time was for D-Stream, while the longest was for StreamKM++. The algorithms that stood out were therefore D-Stream and Mini-batch k-means: the former was the fastest algorithm, and the latter obtained an accuracy 25.18% higher than D-Stream.