An optimized weighted voting based ensemble model for DDoS attack detection and mitigation in SDN environment

Abstract

In recent years, software defined networking (SDN) has risen to prominence as a cutting-edge and promising networking approach. SDN is more secure and immune to DDoS attacks than traditional networks due to the bifurcation of the control and data planes, a global perspective of the whole network, centralized network control, and many other features. SDN still seems to be vulnerable to new DDoS attacks that can target the Application plane, control plane, or data plane, as well as the SDN architectural communication channels. In this paper, we propose a novel optimized weighted voting ensemble model to detect DDoS attack in an SDN environment. The proposed ensemble employs six base classifiers (two SVMs, two Random forests, and two Gradient Boosted Machines) that are differentiated by hyperparameter values. The optimal set of weights are identified by a novel hybrid metaheuristic optimization algorithm (BHO). Our approach eliminates false negatives by employing a novel dynamic fitness function. For training the ensemble framework we used CIC-DDoS2019 dataset. To examine the proposed model’s performance, a testbed is developed using mininet and POX controller and loaded with multiple datasets. Our model outperforms all the recent approaches, achieving a low variance and high classification accuracies of 99.4163% and 99.3591% on CIC-DDoS2019 and CAIDA-2007 datasets respectively.