@Article{cmc.2024.057185,
AUTHOR = {Hira Akhtar Butt, Khoula Said Al Harthy, Mumtaz Ali Shah, Mudassar Hussain, Rashid Amin, Mujeeb Ur Rehman},
TITLE = {Enhanced DDoS Detection Using Advanced Machine Learning and Ensemble Techniques in Software Defined Networking},
JOURNAL = {Computers, Materials \& Continua},
VOLUME = {81},
YEAR = {2024},
NUMBER = {2},
PAGES = {3003--3031},
URL = {http://www.techscience.com/cmc/v81n2/58672},
ISSN = {1546-2226},
ABSTRACT = {Detecting sophisticated cyberattacks, mainly Distributed Denial of Service (DDoS) attacks, with unexpected patterns remains challenging in modern networks. Traditional detection systems often struggle to mitigate such attacks in conventional and software-defined networking (SDN) environments. While Machine Learning (ML) models can distinguish between benign and malicious traffic, their limited feature scope hinders the detection of new zero-day or low-rate DDoS attacks requiring frequent retraining. In this paper, we propose a novel DDoS detection framework that combines Machine Learning (ML) and Ensemble Learning (EL) techniques to improve DDoS attack detection and mitigation in SDN environments. Our model leverages the “DDoS SDN” dataset for training and evaluation and employs a dynamic feature selection mechanism that enhances detection accuracy by focusing on the most relevant features. This adaptive approach addresses the limitations of conventional ML models and provides more accurate detection of various DDoS attack scenarios. Our proposed ensemble model introduces an additional layer of detection, increasing reliability through the innovative application of ensemble techniques. The proposed solution significantly enhances the model’s ability to identify and respond to dynamic threats in SDNs. It provides a strong foundation for proactive DDoS detection and mitigation, enhancing network defenses against evolving threats. Our comprehensive runtime analysis of Simultaneous Multi-Threading (SMT) on identical configurations shows superior accuracy and efficiency, with significantly reduced computational time, making it ideal for real-time DDoS detection in dynamic, rapidly changing SDNs. Experimental results demonstrate that our model achieves outstanding performance, outperforming traditional algorithms with 99% accuracy using Random Forest (RF) and K-Nearest Neighbors (KNN) and 98% accuracy using XGBoost.},
DOI = {10.32604/cmc.2024.057185}
}