A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN)

TL;DR

This paper presents a deep learning-based system for detecting multi-vector DDoS attacks in SDN environments, leveraging feature reduction and achieving high accuracy with low false positives.

Contribution

It introduces a novel DDoS detection system in SDN that uses deep learning for feature reduction and is implemented as an SDN controller application.

Findings

High detection accuracy achieved

Low false-positive rate demonstrated

Effective feature reduction from network traffic headers

Abstract

Distributed Denial of Service (DDoS) is one of the most prevalent attacks that an organizational network infrastructure comes across nowadays. We propose a deep learning based multi-vector DDoS detection system in a software-defined network (SDN) environment. SDN provides flexibility to program network devices for different objectives and eliminates the need for third-party vendor-specific hardware. We implement our system as a network application on top of an SDN controller. We use deep learning for feature reduction of a large set of features derived from network traffic headers. We evaluate our system based on different performance metrics by applying it on traffic traces collected from different scenarios. We observe high accuracy with a low false-positive for attack detection in our proposed system.