Distributed Denial of Service Attack Detection in Software Defined Networking (SDN) Using Deep Learning Techniques

Abstract

ABSTRACT
Software-Defined Networks (SDNs) have revolutionized network management by providing centralized control and exceptional flexibility, establishing them as a key technology in mod-ern networking. However, this centralized structure renders SDNs highly vulnerable to Dis-tributed Denial of Service (DDoS) attacks, which can exhaust network resources and disrupt essential services. Conventional detection techniques, such as traditional machine learning models like Random Forest and Support Vector Machines, often fail to adapt to the dynamic traffic patterns of SDNs and struggle to detect previously unseen attacks. Typically achieving accuracies below 98.3%, these methods depend heavily on manual feature engineering, which restricts their capacity to handle intricate, high-dimensional network data efficiently. To ad-dress these shortcomings, this study proposes a hybrid model combining Convolutional Neu-ral Networks (CNNs) and Long Short-Term Memory (LSTM) networks, utilizing deep learn-ing to enable automated feature extraction and temporal pattern analysis. The CNN compo-nent identifies spatial patterns within network traffic, while the LSTM captures temporal rela-tionships, offering a comprehensive approach to traffic analysis. Evaluated using the CICDDoS2019 dataset, the model achieves an outstanding accuracy 98.3%, precision 99%, recall 100% and F-1score 100%, respectively. These results highlight the model’s exceptional capability to detect DDoS attacks with virtually no missed threats or false alarms, surpassing the performance of existing methods. This research not only demonstrates the effectiveness of the hybrid CNN-LSTM approach but also emphasizes its potential implementation, for providing a robust and scalable solution to strengthen SDN security against increasingly so-phisticated cyber threats.