A Comparative Study on the Performance Evaluation of DDoS Attack Detection Methods

Software-Defined Networking (SDN) has emerged as an alternative for conventional network management architectures. Although SDN addresses the issues of conventional network relating to adaptability, flexibility and scalablity, due to its centralized controller, it is much more vulnerable to attacks on network availability like Distributed Denial of Service (DDoS) attack. Most of the proposed DDoS detection approaches for SDN are usually integrated into the controllers that have limited computing power and these detection approaches bring extra computational cost overhead for the controllers; therefore, while choosing the suitable approach the overall computational overhead should be taken into account together with the higher detection performance. In this paper, we compare two DDoS detection schemes with respect to detection performance and computational complexity cost. While one scheme is based on thresholding approach another one is based on Machine Learning (ML) approach. The result shows that the ML-based scheme outperforms the other in both detection performance and computational complexity cost.