DDoS Detection in Software-Defined Network (SDN) Using Machine Learning


Haya Alubaidan, Reem Alzaher, Maryam AlQhatani, Rami Mohammed, Imam Abdulrahman Bin Faisal University, Saudi Arabia


In recent years, the concept of cloud computing and the software-defined network (SDN) have spread widely. The services provided by many sectors such as medicine, education, banking, and transportation are being replaced gradually with cloud-based applications. Consequently, the availability of these services is critical. However, the cloud infrastructure and services are vulnerable to attackers who aim to breach its availability. One of the major threats to any system availability is a Denial-of-Service (DoS) attack, which is intended to deny the legitimate user from accessing cloud resources. The Distributed Denial-of-Service attack (DDoS) is a type of DoS attack which is considerably more effective and dangerous. A lot of efforts have been made by the research community to detect DDoS attacks, however, there is still a need for further efforts in this germane field. In this paper, machine learning techniques are utilized to build a model that can detect DDoS attacks in Software-Defined Networks (SDN). The used ML algorithms have shown high performance in the earliest studies; hence they have been used in this study along with feature selection technique. Therefore, our model utilized these algorithms to detect DDoS attacks in network traffic. The outcome of this experiment shows the impact of feature selection in improving the model performance. Eventually, The Random Forest classifier has achieved the highest accuracy of 0.99 in detecting DDoS attack.


Cloud Computing; Distributed Denial of Service (DDoS); Software-Defined Network (SDN); Machine Learning.