IEEE Access (Jan 2024)

Enhancing DDoS Attack Detection and Mitigation in SDN Using an Ensemble Online Machine Learning Model

  • Abdussalam Ahmed Alashhab,
  • Mohd Soperi Zahid,
  • Babangida Isyaku,
  • Asma Abbas Elnour,
  • Wamda Nagmeldin,
  • Abdelzahir Abdelmaboud,
  • Talal Ali Ahmed Abdullah,
  • Umar Danjuma Maiwada

DOI
https://doi.org/10.1109/ACCESS.2024.3384398
Journal volume & issue
Vol. 12
pp. 51630 – 51649

Abstract

Read online

Software Defined Networks (SDN) offer dynamic reconfigurability and scalability, revolutionizing traditional networking. However, countering Distributed Denial of Service (DDoS) attacks remains a formidable challenge for both traditional and SDN-based networks. The integration of Machine Learning (ML) into SDN holds promise for addressing these threats. While recent research demonstrates ML’s accuracy in distinguishing legitimate from malicious traffic, it faces difficulties in handling emerging, low-rate, and zero-day DDoS attacks due to limited feature scope for training. The ever-evolving DDoS landscape, driven by new protocols, necessitates continuous ML model retraining. In response to these challenges, we propose an ensemble online machine-learning model designed to enhance DDoS detection and mitigation. This approach utilizes online learning to adapt the model with expected attack patterns. The model is trained and evaluated using SDN simulation (Mininet and Ryu). Its dynamic feature selection capability overcomes conventional limitations, resulting in improved accuracy across diverse DDoS attack types. Experimental results demonstrate a remarkable 99.2% detection rate, outperforming comparable models on our custom dataset as well as various benchmark datasets, including CICDDoS2019, InSDN, and slow-read-DDoS. Moreover, the proposed model undergoes comparison with industry-standard commercial solutions. This work establishes a strong foundation for proactive DDoS threat identification and mitigation in SDN environments, reinforcing network security against evolving cyber risks.

Keywords