Performance Analysis of FloRa Flow Table Low Rate Overflow Reconnaissance and Detection in SDN
Implementation plan:
—————————
Step 1: Initially, we constructed an SDN network with 4 OpenFlow Switches, 8 Hosts(3 – Attacker nodes such as 1, 3, 6) and 1 RYU Controller.
Step 2: Then, we simulate the network by reproducing the IMC-10 Trace based dataset (univ1 – pt2 data), generate the LOFT Attack traffic data synthetically and Flow Table entries data, collect as pcap and export as csv file format.
Step 3: Next, we analyze flow rules and predict anomalies using Packet Arrival Frequency (PAF), Content Relevance Score (CRS), and Spoofed IP detection (PSI) based on the collected data.
Step 4: Next, we perform feature selection (RFECV) to identify the most significant flow-level features based on the collected data.
Step 5: Next, we implement CatBoost-based detection to classify malicious hosts and its flows based on the collected data.
Step 6: Next, we mitigate attacks by blacklisting malicious flows, evicting them from the flow table, and preserving legitimate flows based on the collected data.
Step 7: Finally, we plot performance for the following metrics:
7.1: Number of samples vs. Detection Accuracy (%)
7.2: Time (s) vs. CPU Usage (%)
7.3: Time (s) vs. Memory Usage (%)
7.4: Number of Flows vs. Classification Latency (ms)
Software Requirement:
—————————
1. Development Tool: i) Mininet-2.0 or Above Version
ii) Python-2.7 or Above version
iii) Wireshark [If needed]
2. Operating System: Ubuntu 16.04 LTS (64-bit) or Above
Note:
——-
1) If the proposed plan does not fully align with your requirements, please provide all necessary details—including steps, parameters, models, and expected outcomes—in advance. Once implementation begins, modifications will not be feasible without prior input. Kindly ensure that any missing configurations or specifications are clearly outlined in the plan before confirming, as post-implementation changes will not be accommodated.
2) If there’s no built-in solution for what the project needs, we can always turn to reference models, customize our own, different math models or write the code ourselves to fulfil the process.
3) If the plan satisfies your requirement, Please confirm with us.
4) Project based on Simulation only, not a real time project.
5) If you have any changes in the dataset, kindly provide before implementing it, we can’t change after the implementation.
| Technology | Ph.D | MS | M.Tech |
|---|---|---|---|
| NS2 | 75 | 117 | 95 |
| NS3 | 98 | 119 | 206 |
| OMNET++ | 103 | 95 | 87 |
| OPNET | 36 | 64 | 89 |
| QULANET | 30 | 76 | 60 |
| MININET | 71 | 62 | 74 |
| MATLAB | 96 | 185 | 180 |
| LTESIM | 38 | 32 | 16 |
| COOJA SIMULATOR | 35 | 67 | 28 |
| CONTIKI OS | 42 | 36 | 29 |
| GNS3 | 35 | 89 | 14 |
| NETSIM | 35 | 11 | 21 |
| EVE-NG | 4 | 8 | 9 |
| TRANS | 9 | 5 | 4 |
| PEERSIM | 8 | 8 | 12 |
| GLOMOSIM | 6 | 10 | 6 |
| RTOOL | 13 | 15 | 8 |
| KATHARA SHADOW | 9 | 8 | 9 |
| VNX and VNUML | 8 | 7 | 8 |
| WISTAR | 9 | 9 | 8 |
| CNET | 6 | 8 | 4 |
| ESCAPE | 8 | 7 | 9 |
| NETMIRAGE | 7 | 11 | 7 |
| BOSON NETSIM | 6 | 8 | 9 |
| VIRL | 9 | 9 | 8 |
| CISCO PACKET TRACER | 7 | 7 | 10 |
| SWAN | 9 | 19 | 5 |
| JAVASIM | 40 | 68 | 69 |
| SSFNET | 7 | 9 | 8 |
| TOSSIM | 5 | 7 | 4 |
| PSIM | 7 | 8 | 6 |
| PETRI NET | 4 | 6 | 4 |
| ONESIM | 5 | 10 | 5 |
| OPTISYSTEM | 32 | 64 | 24 |
| DIVERT | 4 | 9 | 8 |
| TINY OS | 19 | 27 | 17 |
| TRANS | 7 | 8 | 6 |
| OPENPANA | 8 | 9 | 9 |
| SECURE CRT | 7 | 8 | 7 |
| EXTENDSIM | 6 | 7 | 5 |
| CONSELF | 7 | 19 | 6 |
| ARENA | 5 | 12 | 9 |
| VENSIM | 8 | 10 | 7 |
| MARIONNET | 5 | 7 | 9 |
| NETKIT | 6 | 8 | 7 |
| GEOIP | 9 | 17 | 8 |
| REAL | 7 | 5 | 5 |
| NEST | 5 | 10 | 9 |
| PTOLEMY | 7 | 8 | 4 |
