IEEE Access (Jan 2024)

Detecting DDoS Threats Using Supervised Machine Learning for Traffic Classification in Software Defined Networking

  • Abdinasir Hirsi,
  • Lukman Audah,
  • Adeb Salh,
  • Mohammed A. Alhartomi,
  • Salman Ahmed

DOI
https://doi.org/10.1109/ACCESS.2024.3486034
Journal volume & issue
Vol. 12
pp. 166675 – 166702

Abstract

Read online

Software-Defined Networking (SDN) is a promising solution for large-scale network management that offers extensive opportunities for optimization. However, the centralized control inherent in SDN also exposes networks to security threats, notably Distributed Denial of Service (DDoS) attacks. To address these challenges, machine learning (ML) techniques have emerged as potent tools for anomaly detection and mitigation. This paper proposes a novel approach for traffic classification within SDN environments that distinguishes between benign and malicious traffic using supervised ML techniques. This study introduces a unique dataset tailored for DDoS attack detection, overcoming the limitations of existing datasets, such as unrealistic topologies and lack of public availability. Benchmarking against the CICDDoS2019 dataset validated the efficacy and relevance of the custom dataset. This research has significant implications for real-world applications, offering improved capabilities for detecting and mitigating DDoS attacks in SDN infrastructure. Experimental results demonstrated the effectiveness of the proposed random forest model, achieving a remarkable accuracy of 98.97% and a minimal False Alarm Rate (FAR) of 0.023. These findings underscore the potential of ML-based approaches in enhancing network security and resilience against DDoS attacks in SDN environments, paving the way for future advancements in network-defense strategies.

Keywords