DDoS detection and analysis in SDN-based environment using support vector machine classifier

TLDR

Software‑Defined Networking separates data and control planes, centralizes network control, and allows programmable flow policies, but its controller is vulnerable to DDoS attacks that exhaust resources and disrupt services, and support vector machines are a widely used, accurate classifier with low false‑positive rates. The study aims to develop an adaptive, accurate DDoS detection method that can identify attacks on the SDN controller at an early stage. The authors evaluate a support vector machine classifier for DDoS detection and compare its performance against other classifiers. Experiments demonstrate that the SVM classifier achieves higher accuracy than the alternative classifiers.

Abstract

Software Defined Networking (SDN) provides separation of data plane and control plane. The controller has centralized control of the entire network. SDN offers the ability to program the network and allows dynamic creation of flow policies. The controller is vulnerable to Distributed Denial of Service (DDoS) attacks that leads to resource exhaustion which causes non-reachability of services given by the controller. The detection of DDoS requires adaptive and accurate classifier that does decision making from uncertain information. It is critical to detect the attack in the controller at earlier stage. SVM is widely used classifier with high accuracy and less false positive rate. We analyze the SVM classifier and compare it with other classifiers for DDoS detection. The experiments show that SVM performs accurate classification than others.

References

Page 1

	Year	Citations

Page 1