This page has only limited features, please log in for full access.

Dr. Raja Majid Ali Ujjan
School of Computing, Engineering and Physical Sciences, University of the West of Scotland, Paisley, PA1 2BE, UK

Basic Info


Research Keywords & Expertise

0 Feature Extraction
0 Network Security
0 Network Security Implementation
0 Machine Learning and artificial intelligence
0 intrusion detection systems

Honors and Awards

The user has no records in this section


Career Timeline

The user has no records in this section.


Short Biography

Raja Majid Ali Ujjan obtained a PhD degree from the University of the West of Scotland (UWS) United Kingdom — where he is involved in researching applications of real-time packet analysis, feature extraction and data processing in collaboration with machine learning and SDN to protect computers networks and IoT networks from modern-day cyber-attacks. He completed his post-graduated in Cisco Networks from the University of Sunderland, United Kingdom. His major research interests comprise software-defined networking (SDN) based network security application with machine learning methods, mainly DDoS attacks traffic classification and detection via packets analysis, packets sampling and entropy calculation.

Following
Followers
Co Authors
Profile ImageRao Mumtaz GS-Lda, Aveiro, Aveiro, Port...
Profile ImageAli Kashif Bashir Department of Electrical and...
Profile ImageJonathan Gonzalez GS-Lda, Aveiro, Aveiro, Port...
Profile ImageUniversity of the West Scotland School of Computing, Enginee...
Profile ImageZeeshan Pervez School of Computing, Enginee...
Following: 5 users
View all

Feed

Conference
UK
Date: 20 October 2020
Journal article
Published: 01 February 2021 in Sustainability
Reads 0
Downloads 0

In modern network infrastructure, Distributed Denial of Service (DDoS) attacks are considered as severe network security threats. For conventional network security tools it is extremely difficult to distinguish between the higher traffic volume of a DDoS attack and large number of legitimate users accessing a targeted network service or a resource. Although these attacks have been widely studied, there are few works which collect and analyse truly representative characteristics of DDoS traffic. The current research mostly focuses on DDoS detection and mitigation with predefined DDoS data-sets which are often hard to generalise for various network services and legitimate users’ traffic patterns. In order to deal with considerably large DDoS traffic flow in a Software Defined Networking (SDN), in this work we proposed a fast and an effective entropy-based DDoS detection. We deployed generalised entropy calculation by combining Shannon and Renyi entropy to identify distributed features of DDoS traffic—it also helped SDN controller to effectively deal with heavy malicious traffic. To lower down the network traffic overhead, we collected data-plane traffic with signature-based Snort detection. We then analysed the collected traffic for entropy-based features to improve the detection accuracy of deep learning models: Stacked Auto Encoder (SAE) and Convolutional Neural Network (CNN). This work also investigated the trade-off between SAE and CNN classifiers by using accuracy and false-positive results. Quantitative results demonstrated SAE achieved relatively higher detection accuracy of 94% with only 6% of false-positive alerts, whereas the CNN classifier achieved an average accuracy of 93%.

ACS Style

Raja Majid Ali Ujjan; Zeeshan Pervez; Keshav Dahal; Wajahat Ali Khan; Asad Masood Khattak; Bashir Hayat. Entropy Based Features Distribution for Anti-DDoS Model in SDN. Sustainability 2021, 13, 1522 .

AMA Style

Raja Majid Ali Ujjan, Zeeshan Pervez, Keshav Dahal, Wajahat Ali Khan, Asad Masood Khattak, Bashir Hayat. Entropy Based Features Distribution for Anti-DDoS Model in SDN. Sustainability. 2021; 13 (3):1522.

Chicago/Turabian Style

Raja Majid Ali Ujjan; Zeeshan Pervez; Keshav Dahal; Wajahat Ali Khan; Asad Masood Khattak; Bashir Hayat. 2021. "Entropy Based Features Distribution for Anti-DDoS Model in SDN." Sustainability 13, no. 3: 1522.

Journal article
Published: 01 November 2019 in Future Generation Computer Systems
Reads 0
Downloads 0

Distributed Denial of Service (DDoS) is one of the most rampant attacks in the modern Internet of Things (IoT) network infrastructures. Security plays a very vital role for an ever-growing heterogeneous network of IoT nodes, which are directly connected to each other. Due to the preliminary stage of Software Defined Networking (SDN), in the IoT network, sampling based measurement approaches currently results in low-accuracy, higher memory consumption, higher-overhead in processing and network, and low attack-detection. To deal with these aforementioned issues, this paper proposes sFlow and adaptive polling based sampling with Snort Intrusion Detection System (IDS) and deep learning based model, which helps to lower down the various types of prevalent DDoS attacks inside the IoT network. The flexible decoupling property of SDN enables us to program network devices for required parameters without utilizing third-party propriety based hardware or software. Firstly, in data-plane, to lower down processing and network overhead of switches, we deployed sFlow and adaptive polling based sampling individually. Secondly, in control-plane, to optimize detection accuracy, we deployed Snort IDS collaboratively with Stacked Autoencoders (SAE) deep learning model. Furthermore, after applying performance metrics on collected traffic streams, we quantitatively investigate trade off among attack detection accuracy and resources overhead. The evaluation of the proposed system demonstrates higher detection accuracy with 95% of True Positive rate with less than 4% of False Positive rate within sFlow based implementation compared to adaptive polling.

ACS Style

Raja Majid Ali Ujjan; Zeeshan Pervez; Keshav Dahal; Ali Kashif Bashir; Rao Mumtaz; J. González. Towards sFlow and adaptive polling sampling for deep learning based DDoS detection in SDN. Future Generation Computer Systems 2019, 111, 763 -779.

AMA Style

Raja Majid Ali Ujjan, Zeeshan Pervez, Keshav Dahal, Ali Kashif Bashir, Rao Mumtaz, J. González. Towards sFlow and adaptive polling sampling for deep learning based DDoS detection in SDN. Future Generation Computer Systems. 2019; 111 ():763-779.

Chicago/Turabian Style

Raja Majid Ali Ujjan; Zeeshan Pervez; Keshav Dahal; Ali Kashif Bashir; Rao Mumtaz; J. González. 2019. "Towards sFlow and adaptive polling sampling for deep learning based DDoS detection in SDN." Future Generation Computer Systems 111, no. : 763-779.