Support Vector Machine (SVM) based Detection for Volumetric Bandwidth Distributed Denial of Service (DVB-DDOS) attack within gigabit Passive Optical Network
The dynamic bandwidth allocation (DBA) algorithm is highly impactful in improving the network performance of gigabit passive optical networks (GPON). Network security is an important component of today’s networks to combat security attacks, including GPON. However, the literature contains reports hi...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Universitas Mercu Buana
2025-01-01
|
| Series: | Jurnal Ilmiah SINERGI |
| Subjects: | |
| Online Access: | https://publikasi.mercubuana.ac.id/index.php/sinergi/article/view/26933 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841543976763523072 |
|---|---|
| author | Sumayya Bibi Nadiatulhuda Zulkifli Ghazanfar Ali Safdar Sajid Iqbal |
| author_facet | Sumayya Bibi Nadiatulhuda Zulkifli Ghazanfar Ali Safdar Sajid Iqbal |
| author_sort | Sumayya Bibi |
| collection | DOAJ |
| description | The dynamic bandwidth allocation (DBA) algorithm is highly impactful in improving the network performance of gigabit passive optical networks (GPON). Network security is an important component of today’s networks to combat security attacks, including GPON. However, the literature contains reports highlighting its vulnerability to specific attacks, thereby raising concerns. In this work, we argue that the impact of a volumetric bandwidth distributed denial of service (DVB-DDOS) attack can be mitigated by improving the dynamic bandwidth assignment (DBA) scheme, which is used in PON to manage the US bandwidth at the optical line terminal (OLT). Thus, this study uses a support vector machine (SVM), a machine learning approach, to learn the optical network unit (ONU) traffic demand patterns and presents a hybrid security-aware DBA (HSA-DBA) scheme that is capable of distinguishing malicious ONUs from normal ONUs. In this article, we consider the deployment of the HSA-DBA scheme in OMNET++ to acquire the monitoring data samples used to train the ML technique for the effective classification of ONUs. The simulation findings revealed a mean upstream delay improvement of up to 63% due to the security feature offered by the mechanism. Besides, significant reductions for the upstream delay performance recorded at 63% TCONT2, 65% TCONT3, and 95% TCONT4 and for frame loss rate reduction for normal ONU traffic, respectively, were observed in comparison to the non-secure DBA mechanism. This research provides a significant stride towards secure GPONs, ensuring reliable defense mechanisms are in place, which paves the way for more resilient future broadband network infrastructures. |
| format | Article |
| id | doaj-art-46d0ae4c46b343bba211d5f37734f28d |
| institution | Kabale University |
| issn | 1410-2331 2460-1217 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | Universitas Mercu Buana |
| record_format | Article |
| series | Jurnal Ilmiah SINERGI |
| spelling | doaj-art-46d0ae4c46b343bba211d5f37734f28d2025-01-13T04:38:19ZengUniversitas Mercu BuanaJurnal Ilmiah SINERGI1410-23312460-12172025-01-0129118519610.22441/sinergi.2025.1.0177903Support Vector Machine (SVM) based Detection for Volumetric Bandwidth Distributed Denial of Service (DVB-DDOS) attack within gigabit Passive Optical NetworkSumayya Bibi0Nadiatulhuda Zulkifli1Ghazanfar Ali Safdar2Sajid Iqbal3Faculty of Electrical Engineering, Universiti Teknologi MalaysiaFaculty of Electrical Engineering, Universiti Teknologi MalaysiaUniversity of BedfordshireKing Faisal UniversityThe dynamic bandwidth allocation (DBA) algorithm is highly impactful in improving the network performance of gigabit passive optical networks (GPON). Network security is an important component of today’s networks to combat security attacks, including GPON. However, the literature contains reports highlighting its vulnerability to specific attacks, thereby raising concerns. In this work, we argue that the impact of a volumetric bandwidth distributed denial of service (DVB-DDOS) attack can be mitigated by improving the dynamic bandwidth assignment (DBA) scheme, which is used in PON to manage the US bandwidth at the optical line terminal (OLT). Thus, this study uses a support vector machine (SVM), a machine learning approach, to learn the optical network unit (ONU) traffic demand patterns and presents a hybrid security-aware DBA (HSA-DBA) scheme that is capable of distinguishing malicious ONUs from normal ONUs. In this article, we consider the deployment of the HSA-DBA scheme in OMNET++ to acquire the monitoring data samples used to train the ML technique for the effective classification of ONUs. The simulation findings revealed a mean upstream delay improvement of up to 63% due to the security feature offered by the mechanism. Besides, significant reductions for the upstream delay performance recorded at 63% TCONT2, 65% TCONT3, and 95% TCONT4 and for frame loss rate reduction for normal ONU traffic, respectively, were observed in comparison to the non-secure DBA mechanism. This research provides a significant stride towards secure GPONs, ensuring reliable defense mechanisms are in place, which paves the way for more resilient future broadband network infrastructures.https://publikasi.mercubuana.ac.id/index.php/sinergi/article/view/26933attack detection systemdynamic bandwidth assignmentmachine learningpassive optical networksvm |
| spellingShingle | Sumayya Bibi Nadiatulhuda Zulkifli Ghazanfar Ali Safdar Sajid Iqbal Support Vector Machine (SVM) based Detection for Volumetric Bandwidth Distributed Denial of Service (DVB-DDOS) attack within gigabit Passive Optical Network Jurnal Ilmiah SINERGI attack detection system dynamic bandwidth assignment machine learning passive optical network svm |
| title | Support Vector Machine (SVM) based Detection for Volumetric Bandwidth Distributed Denial of Service (DVB-DDOS) attack within gigabit Passive Optical Network |
| title_full | Support Vector Machine (SVM) based Detection for Volumetric Bandwidth Distributed Denial of Service (DVB-DDOS) attack within gigabit Passive Optical Network |
| title_fullStr | Support Vector Machine (SVM) based Detection for Volumetric Bandwidth Distributed Denial of Service (DVB-DDOS) attack within gigabit Passive Optical Network |
| title_full_unstemmed | Support Vector Machine (SVM) based Detection for Volumetric Bandwidth Distributed Denial of Service (DVB-DDOS) attack within gigabit Passive Optical Network |
| title_short | Support Vector Machine (SVM) based Detection for Volumetric Bandwidth Distributed Denial of Service (DVB-DDOS) attack within gigabit Passive Optical Network |
| title_sort | support vector machine svm based detection for volumetric bandwidth distributed denial of service dvb ddos attack within gigabit passive optical network |
| topic | attack detection system dynamic bandwidth assignment machine learning passive optical network svm |
| url | https://publikasi.mercubuana.ac.id/index.php/sinergi/article/view/26933 |
| work_keys_str_mv | AT sumayyabibi supportvectormachinesvmbaseddetectionforvolumetricbandwidthdistributeddenialofservicedvbddosattackwithingigabitpassiveopticalnetwork AT nadiatulhudazulkifli supportvectormachinesvmbaseddetectionforvolumetricbandwidthdistributeddenialofservicedvbddosattackwithingigabitpassiveopticalnetwork AT ghazanfaralisafdar supportvectormachinesvmbaseddetectionforvolumetricbandwidthdistributeddenialofservicedvbddosattackwithingigabitpassiveopticalnetwork AT sajidiqbal supportvectormachinesvmbaseddetectionforvolumetricbandwidthdistributeddenialofservicedvbddosattackwithingigabitpassiveopticalnetwork |