Detection of Distributed Denial of Service Attacks in Software Defined Networks by Using Machine Learning

Within the sphere of Software-Defined Networking (SDN) — an innovative architectural paradigm that segregates the control plane from the data plane — a paramount concern is the defense against Distributed Denial of Service (DDoS) assaults. These attacks pose a significant threat to the integrity and operational sustainability of SDN infrastructures, potentially leading to extensive system disruptions and financial losses.To address this challenge, our study introduces an innovative approach utilizing machine learning strategies to enhance the detection of DDoS threats. We employed a trio of classification algorithms: Random Forest (RF), Support Vector Machine (SVM), and K-Nearest Neighbors (KNN), applied to a publicly available SDN dataset specific to DDoS attacks. Our methodology integrates a blend of feature selection techniques, including Recursive Feature Elimination (RFE), Principal Component Analysis (PCA), and t-Distributed Stochastic Neighbor Embedding (t-SNE), with the aim of refining the accuracy of our classifications.In a comparative analysis with existing models, our innovative application of KNN in conjunction with RFE demonstrated exceptional performance, achieving an accuracy of 99.97%, a precision of 99.98%, a recall of 99.96%, and an F1-score of 99.97%. This breakthrough indicates a significant advancement in the field of SDN security.