Mitigating DDoS Attack in SDN Using Random Forest Classifier–Based Flow Table Analysis with Ryu Controller

Abstract

As the Internet continues to be the primary driver of modern technology, the need for robust safety procedures increases. Distributed Denial of Service (DDoS) assaults represent an essential threat to network availability and performance, demanding active detection methods. This study explores Machine Learning (ML) techniques to improve the detection of DDoS assaults in SDN environments, using SDN's programmable and centralized framework for efficient traffic monitoring and analysis. This article aims to employ Ryu as the controller and use its skills to coordinate network tasks and allow seamless integration with the Random Forest (RF) ML classifier. The impact of applying ML in real-time DDoS detection is investigated with the flow table entries of the controller. 99.9% accuracy in attack traffic detection and blocking is achieved in Ryu to improve the general resistance of SDN-based networks to malicious activity.