Vol.71, No.1, 2022, pp.771-789, doi:10.32604/cmc.2022.021669
DDoS Detection in SDN using Machine Learning Techniques
  • Muhammad Waqas Nadeem, Hock Guan Goh*, Vasaki Ponnusamy, Yichiet Aun
Faculty of Information and Communication Technology (FICT), Universiti Tunku Abdul Rahman (UTAR) Jalan Universiti, Bandar Barat, 31900 Kampar, Perak, Malaysia
* Corresponding Author: Hock Guan Goh. Email:
(This article belongs to this Special Issue: Machine Learning Empowered Secure Computing for Intelligent Systems)
Received 10 July 2021; Accepted 20 August 2021; Issue published 03 November 2021
Software-defined network (SDN) becomes a new revolutionary paradigm in networks because it provides more control and network operation over a network infrastructure. The SDN controller is considered as the operating system of the SDN based network infrastructure, and it is responsible for executing the different network applications and maintaining the network services and functionalities. Despite all its tremendous capabilities, the SDN face many security issues due to the complexity of the SDN architecture. Distributed denial of services (DDoS) is a common attack on SDN due to its centralized architecture, especially at the control layer of the SDN that has a network-wide impact. Machine learning is now widely used for fast detection of these attacks. In this paper, some important feature selection methods for machine learning on DDoS detection are evaluated. The selection of optimal features reflects the classification accuracy of the machine learning techniques and the performance of the SDN controller. A comparative analysis of feature selection and machine learning classifiers is also derived to detect SDN attacks. The experimental results show that the Random forest (RF) classifier trains the more accurate model with 99.97% accuracy using features subset by the Recursive feature elimination (RFE) method.
Machine learning; software-defined network; distributed denial of services; feature selection; protection; artificial neural network; decision trees; naïve bayes; security
Cite This Article
Nadeem, M. W., Goh, H. G., Ponnusamy, V., Aun, Y. (2022). DDoS Detection in SDN using Machine Learning Techniques. CMC-Computers, Materials & Continua, 71(1), 771–789.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.