We introduced a Protocol-independent Packet Processor (P4)-based two-layer firewall with a detection system for identifying denial-of-service (DDoS) attacks. P4-based switch enables real-time packet inspection in the Data Plane by reducing latency associated with packet filtering. The system enhances network security through dynamic traffic-blocking rules trained by machine learning modeling. Using Software-Defined Networking (SDN), the system seamlessly operates with or without current SDN protocols and dynamically adapts to changing threats. The simulation results showed that the proposed approach enhanced network security in the continuously evolving internet environment.
Relation:
2024 IEEE 4th International Conference on Electronic Communications, Internet of Things and Big Data (ICEIB)