International Journal of Computer Network and Information Security (IJCNIS)
IJCNIS Vol. 17, No. 4, 8 Aug. 2025
Cover page and Table of Contents: PDF (size: 1576KB)
Software-defined Networking Controller for Detection of DDoS Attacks Based on Deep Neural Networks
PDF (1576KB), PP.1-18
Views: 0 Downloads: 0
Author(s)
Index Terms
DDoS Attack, Deep Neural Network, Machine Learning Algorithm, Random Search, Logistic Regression, Naive Bayes, Software Defined Networking
Abstract
Advancements in technology contribute to an increased vulnerability to cyberattacks, with Distributed Denial of Service (DDoS) attacks being a prominent threat. Attackers overwhelm network servers with excessive data, hindering legitimate users from accessing them. Software Defined Networking (SDN) is particularly susceptible due to its centralized architecture, making it a prime target for DDoS attacks aimed at the control planes. As cloud computing has grown rapidly, software-defined networks have been developed to provide dynamic management and enhanced performance. Several security concerns are growing, especially as DDoS attacks and malicious actors become more interested in SDN controllers. Many researchers have proposed detecting DDoS attacks. Due to their unqualified features and non-realistic data sets, these approaches have high false positive rates and low accuracy. As a result, SDN controllers can be protected against DDoS attacks using deep learning algorithms (DL). Furthermore, the suggested method comprises three phases: The process involves pre-processing the data, selecting significant features for DDoS detection based on correlation, and utilizing Deep Neural Networks (DNNs) for the detection. In order to evaluate the efficiency of the method proposed, we employ a benchmarking dataset to evaluate the false positive rate as well as detectability, with the traditional assessment indicators. In this paper, we propose a deep learning method for detection of DDoS attacks called DNNADSC, which is the first anomaly detection method based on deep neural network for DDoS attacks. The method proposed efficaciously recognizes DDoS attacks, with the detection rate of 99.39%, with a precision of 97.41% with a false-positive rate (FPR) that is 0.0665 with the F1 measure of 99.32%.
Cite This Paper
Jeyavim Sherin R. C., Parkavi K., "Software-defined Networking Controller for Detection of DDoS Attacks Based on Deep Neural Networks", International Journal of Computer Network and Information Security(IJCNIS), Vol.17, No.4, pp.1-18, 2025. DOI:10.5815/ijcnis.2025.04.01
Reference
[1]J. E. Varghese and B. Muniyal, “An Efficient IDS Framework for DDoS Attacks in SDN Environment,” IEEE Access, vol. 9, pp. 69680–69699, 2021, doi: 10.1109/ACCESS.2021.3078065.
[2]L. Wan, Q. Wang, and S. Zheng, “Deep SSAE-BiLSTM Model for DDoS Detection in SDN,” Proc. - 2021 2nd Int. Conf. Comput. Commun. Netw. Secur. CCNS 2021, pp. 34–37, 2021, doi: 10.1109/CCNS53852.2021.00015.
[3]V. Deepa, K. Muthamil Sudar, and P. Deepalakshmi, “Detection of DDoS attack on SDN control plane using hybrid machine learning techniques,” Proc. Int. Conf. Smart Syst. Inven. Technol. ICSSIT 2018, no. February 2023, pp. 299–303, 2018, doi: 10.1109/ICSSIT.2018.8748836.
[4]V. Umarnani, D. R. Jitendra, and S. Chouhan, “Enhancing Network Security through Software Defined Networking (SDN).”
[5]M. Alshinwan et al., “Dragonfly algorithm: a comprehensive survey of its results, variants, and applications,” Multimed. Tools Appl., no. February, 2021, doi: 10.1007/s11042-020-10255-3.
[6]S. Dong and M. Sarem, “DDoS Attack Detection Method Based on Improved KNN with the Degree of DDoS Attack in Software-Defined Networks,” IEEE Access, vol. 8, pp. 5039–5048, 2020, doi: 10.1109/ACCESS.2019.2963077.
[7]N. Ahuja, G. Singal, and D. Mukhopadhyay, “DLSDN: Deep learning for DDOS attack detection in software defined networking,” Proc. Conflu. 2021 11th Int. Conf. Cloud Comput. Data Sci. Eng., pp. 683–688, 2021, doi: 10.1109/Confluence51648.2021.9376879.
[8]A. Mahalingam, G. Perumal, G. Subburayalu, and M. Albathan, “ROAST-IoT : A Novel Range-Optimized Attention Convolutional,” 2023.
[9]V. Deepa, K. M. Sudar, and P. Deepalakshmi, “Design of Ensemble Learning Methods for DDoS Detection in SDN Environment,” Proc. - Int. Conf. Vis. Towar. Emerg. Trends Commun. Networking, ViTECoN 2019, pp. 1–6, 2019, doi: 10.1109/ViTECoN.2019.8899682.
[10]T. A. Tang, D. McLernon, L. Mhamdi, S. A. R. Zaidi, and M. Ghogho, “Intrusion detection in sdn-based networks: Deep recurrent neural network approach,” Adv. Sci. Technol. Secur. Appl., pp. 175–195, 2019, doi: 10.1007/978-3- 030-13057-2 8.
[11]A. Ferriyan, A. H. Thamrin, K. Takeda, and J. Murai, “Generating network intrusion detection dataset based on real and encrypted synthetic attack traffic,” Appl. Sci., vol. 11, no. 17, 2021, doi: 10.3390/app11177868.
[12]Q. Zhou and Di. P. Pezaros, “BIDS: Bio-Inspired, Collaborative Intrusion Detection for Software Defined Networks,” IEEE Int. Conf. Commun., vol. 2019-May, pp. 1–6, 2019, doi: 10.1109/ICC.2019.8761410.
[13]T. A. Tang, L. Mhamdi, D. McLernon, S. A. R. Zaidi, M. Ghogho, and F. El Moussa, “DeepIDS: Deep learning approach for intrusion detection in software defined networking,” Electron., vol. 9, no. 9, pp. 1–18, 2020, doi: 10.3390/electronics9091533.
[14]R. Ben Said, Z. Sabir, and I. Askerzade, “CNN-BiLSTM: A Hybrid Deep Learning Approach for Network Intrusion Detection System in Software-Defined Networking with Hybrid Feature Selection,” IEEE Access, vol. 11, no. November, pp. 138732–138747, 2023, doi: 10.1109/ACCESS.2023.3340142.
[15]V. Sivagaminathan, M. Sharma, and S. K. Henge, “Intrusion detection systems for wireless sensor networks using computational intelligence techniques,” Cybersecurity, vol. 6, no. 1, 2023, doi: 10.1186/s42400-023-00161-0.
[16]L. F. Sikos, “Packet analysis for network forensics: A comprehensive survey,” Forensic Sci. Int. Digit. Investig., vol. 32, p. 200892, 2020, doi: 10.1016/j.fsidi.2019.200892.
[17]G. Kocher and G. Kumar, “Machine learning and deep learning methods for intrusion detection systems: recent developments and challenges,” Soft Comput., vol. 25, no. 15, pp. 9731–9763, 2021, doi: 10.1007/s00500-021- 05893-0.
[18]M. Vishwakarma and N. Kesswani, “DIDS: A Deep Neural Network based real-time Intrusion detection system for IoT,” Decis. Anal. J., vol. 5, no. September, p. 100142, 2022, doi: 10.1016/j.dajour.2022.100142.
[19]B. Cˇ elesova´, J. Val’ko, R. Grezˇo, and P. Helebrandt, “Enhancing security of SDN focusing on control plane and data plane,” 7th Int. Symp. Digit. Forensics Secur. ISDFS 2019, pp. 1–6, 2019, doi: 10.1109/ISDFS.2019.8757542.
[20]F. Khashab, J. Moubarak, A. Feghali, and C. Bassil, “DDoS Attack Detection and Mitigation in SDN using Machine Learning,” Proc. 2021 IEEE Conf. Netw. Softwarization Accel. Netw. Softwarization Cogn. Age, NetSoft 2021, pp. 395–401, 2021, doi: 10.1109/NetSoft51509.2021.9492558.
[21]J. Yu, X. Ye, and H. Li, “A high precision intrusion detection system for network security communication based on multi-scale convolutional neural network,” Futur. Gener. Comput. Syst., vol. 129, pp. 399–406, 2022, doi: 10.1016/j.future.2021.10.018.
[22]F. Alanazi, K. Jambi, F. Eassa, M. Khemakhem, A. Basuhail, and K. Alsubhi, “Ensemble Deep Learning Models for Mitigating DDoS Attack in Software-Defined Network,” Intell. Autom. Soft Comput., vol. 33, no. 2, pp. 923–938, 2022, doi: 10.32604/iasc.2022.024668.
[23]O. Sbai and M. Elboukhari, “Intrusion Detection System For Manets Using Deep Learning Approach,” Int. J. Com- put. Sci. Appl., vol. 18, no. 1, pp. 85–101, 2021.
[24]B. Lee, J. Kim, and M. Choi, “Federated Learning Based Network Intrusion Detection Model,” 2023 24st 24st Asia-Pacific Netw. Oper. Manag. Symp., pp. 330–333, 2023.
[25]M. Mittal, K. Kumar, and S. Behal, “Deep learning approaches for detecting DDoS attacks: a systematic review,” Soft Comput., vol. 27, no. 18, pp. 13039–13075, 2023, doi: 10.1007/s00500-021-06608-1.
[26]A. H. Mohammad, T. Alwada’n, O. Almomani, S. Smadi, and N. ElOmari, “Bio-inspired Hybrid Feature Selection Model for Intrusion Detection,” Comput. Mater. Contin., vol. 73, no. 1, pp. 133–150, 2022, doi: 10.32604/cmc.2022.027475.
[27]Z. D. A. Zaripova and D. Anvarovna, “Network security issues and effective protection against network attacks.”
[28]A. E. Ibor, O. B. Okunoye, F. A. Oladeji, and K. A. Abdulsalam, “Novel Hybrid Model for Intrusion Prediction on Cyber Physical Systems’ Communication Networks based on Bio-inspired Deep Neural Network Structure,” J. Inf. Secur. Appl., vol. 65, no. January, p. 103107, 2022, doi: 10.1016/j.jisa.2021.103107.
[29]M. T. Ali A. Ghorbani, Wei Lu, “Network Intrusion Detection and Prevention Advances in Information Security,” Inf. Syst., p. 223, 2010.
[30]M. S. El Sayed, N. A. Le-Khac, M. A. Azer, and A. D. Jurcut, “A Flow-Based Anomaly Detection Approach With Feature Selection Method Against DDoS Attacks in SDNs,” IEEE Trans. Cogn. Commun. Netw., vol. 8, no. 4, pp. 1862–1880, 2022, doi: 10.1109/TCCN.2022.3186331.