Simulation of SDN in mininet and detection of DDoS attack using machine learning

Abstract

Most contemporary businesses are embracing software defined networking (SDN), a developing architecture that enables an aerial-like perspective of the entire network. SDN operates by virtualizing the network and provides advantages including improved performance, visibility, speed, and scalability. SDN attempts to divide the network control plane from the forwarding plane. The control plane, which includes one or more controllers and incorporates complete intelligence, is thought of as the brain of the SDN. However, SDN has challenges with controller vulnerability, flexibility, and hardware security. But distributed denial of service (DDoS) assaults constitutes a serious threat to the SDN. Transmission control protocol-synchronized (TCP-SYN) floods, a common cyberattack that can harm SDNs, can deplete network resources by opening an excessive number of illegitimate TCP connections. In this research, we provide an OpenFlow port statistic-based architecture for machine learning (ML) enabled TCP-SYN flood detection. This research showed that ML models like support vector machine (SVM), Navie Bayes, and multi-layered perceptron can distinguish between regular traffic and SYN flood traffic and can mitigate the impacts of the attacking node on the network. Results showed that the multilayered perceptron can classify the traffic with highest accuracy of 99.75% for the simulation dataset.