In my thesis, I propose a novel S2eH scheme to tackle Denial-of-Service (DoS) attacks in the Software-Defined Network Functions Virtualization (SDNFV) cloud computing environment. I firstly introduce a new machine learning hybrid model for DoS attack ...
In my thesis, I propose a novel S2eH scheme to tackle Denial-of-Service (DoS) attacks in the Software-Defined Network Functions Virtualization (SDNFV) cloud computing environment. I firstly introduce a new machine learning hybrid model for DoS attack classification based on Support Vector Machine (SVM) and Self Organizing Map (SOM) algorithms to enhance the performance of classification network traffic. The proposed combination mainly focuses on taking advantages of two classification algorithms by utilizing both algorithm advantages that SVM takes a little time to produce outputs with a high accuracy and SOM makes a reliable prediction based on their neurons. Then, I propose an enhanced History-based IP Filtering scheme (eHIPF) to improve attack detection rate and speed. Finally, I propose a novel mechanism combining both the machine learning hybrid model SVMs-SOM and the eHIPF scheme, called S2eH, to make a DoS attack defender in the SDNFV-enabled cloud computing. The S2eH testbed is implemented in the SDNFV cloud environment with Service Function Chaining. Through practical experiments in this testbed, it is proved that the proposed SVMs-SOM combination and eHIPF scheme outperforms existing mechanisms for DoS attack classification and detection. By analyzing comprehensive experiments conducted with various DoS attack levels, I prove that the novel S2eH mechanism is an effective and innovative approach to defend DoS attacks in the SDNFV-based cloud computing.