Volume 16, Number 6

An Innovative Hybrid Model for Effective DDOS Attack Detection in Software Defined Networks

  Authors

Quang Truong Can, Tien Dat Nguyen, Minh Bao Pham, Thanh Tung Nguyen, Thi Hanh AnTran and Thi Thai Mai Dinh, VNU University of Engineering and Technology, Viet Nam

  Abstract

Software-Defined Networking (SDN) is a sophisticated network architecture that offers enhanced flexibility and streamlined management through a centralized controller. While these advantages allow SDNs to adapt to growing network demands, they also introduce potential security risks. Specifically, the centralized nature of SDN makes it vulnerable to network attacks, such as Distributed Denial of Service (DDoS) attacks, which can overwhelm network resources and cause widespread congestion. In this study, we propose a DDoS detection model that combines entropy-based features with Support Vector Machine (SVM) machine learning to create a hybrid approach. This model capitalizes on the strengths of both methods to improve detection accuracy. Our results, based on simulations and practical SDN implementation, show that our approach effectively and rapidly detects DDoS attacks with high precision. This paper addresses the challenge of enhancing the efficiency and accuracy of DDoS attack detection by providing a comprehensive dataset collected from both simulated and practical environments, thereby improving the detection system's performance in real-time situations.

  Keywords

SDN, DDoS attacks, network security, machine learning, statistical analysis method, entropy, dynamic entropy.

Full Text    Volume 16

 

 

® All Rights Reserved - AIRCC