Journal of Information Systems and Informatics (Sep 2024)

Machine Learning Models for DDoS Detection in Software-Defined Networking: A Comparative Analysis

  • Ferdiansyah Ferdiansyah,
  • Darius Antoni,
  • Muhammad Valdo,
  • Mikko Mikko,
  • Chairul Mukmin,
  • Usman Ependi

DOI
https://doi.org/10.51519/journalisi.v6i3.864
Journal volume & issue
Vol. 6, no. 3
pp. 1790 – 1803

Abstract

Read online

In today's digital age, Software-Defined Networking (SDN) has become a pivotal technology that improves network control and flexibility. Despite its advantages, the centralized nature of SDN also makes it susceptible to threats such as Distributed Denial of Service (DDoS) attacks. This study compares the effectiveness of three machine learning models Random Forest, Naive Bayes, and Linear Support Vector Classification (LinearSVC) using the 'DDoS SDN dataset' from Kaggle, which contains 104,345 records and 23 features. An equal 70/30 ratio was used on model. The models were then assessed using measures such as accuracy, precision, recall, and F1-score, and ROC curves. Among the models, Random Forest outperformed the others with a 97% accuracy, precision values of 1.00 (benign traffic) and 0.94 (malicious traffic), and an ROC AUC score of 1.00. In contrast, Naive Bayes and LinearSVC recorded lower accuracies of 63% and 66%, respectively. These findings underscore Random Forest's effectiveness in detecting DDoS attacks within SDN environments.

Keywords