IEEE Access (Jan 2024)

Machine Learning and Deep Learning Techniques for Distributed Denial of Service Anomaly Detection in Software Defined Networks—Current Research Solutions

  • Nura Shifa Musa,
  • Nada Masood Mirza,
  • Saida Hafsa Rafique,
  • Amira Mahamat Abdallah,
  • Thangavel Murugan

DOI
https://doi.org/10.1109/ACCESS.2024.3360868
Journal volume & issue
Vol. 12
pp. 17982 – 18011

Abstract

This state-of-the-art review comprehensively examines the landscape of Distributed Denial of Service (DDoS) anomaly detection in Software Defined Networks (SDNs) through the lens of advanced Machine Learning (ML) and Deep Learning (DL) techniques. The application domain of this work is focused on addressing the inherent security vulnerabilities of SDN environments and developing an automated system for detecting and mitigating network attacks. The problem this review addresses is the need for effective defensive mechanisms and detection methodologies to address these vulnerabilities. Conventional network measurement methodologies are limited in the context of SDNs, and the proposed ML and DL techniques aim to overcome these limitations by providing more accurate and efficient detection and mitigation of DDoS attacks. The objective of this work is to provide a comprehensive review of related works on recent advances in SDN anomaly detection, categorized into two groups: ML techniques and DL techniques. The proposed systems utilize a variety of techniques, including Supervised Learning (SL), Unsupervised Learning (UL), Ensemble Learning (EL), and DL solutions, to process IP flows, profile network traffic, and identify attacks. The output comprises the mitigation policies learned by ML/DL techniques, and the proposed systems act as sophisticated gatekeepers, applying automated mitigation policies to curtail the extent of damage resulting from these attacks. The results obtained from the evaluation metrics, including accuracy, precision, and recall, confirm the marked effectiveness of the proposed systems in detecting and mitigating various types of attacks, including DDoS attacks. The proposed systems’ foundational contributions are manifest in their efficacy for both DDoS attack detection and defense within the SDN environment.
However, the review acknowledges certain inherent limitations and the pressing need for further validation within real-world scenarios to assess the proposed methods’ practicality and effectiveness. In summary, this systematic review offers valuable perspectives on the present status of Distributed Denial-of-Service detection in Software-Defined Networks employing Machine Learning and Deep Learning methodologies, highlighting the strengths and limitations of various proposed systems and identifying areas for future research and development.

Keywords