A novel CNN-enhanced detection and mitigation of DDoS attacks in SDN

Software-defined networking (SDN) offers substantial advantages in network flexibility, scalability, and resource management. However, the rise of cyber-attacks, particularly distributed denial of service (DDoS) attacks, poses significant threats to the stability and security of SDN environments. DDoS attacks are notably destructive, with the ability to incapacitate network availability by overwhelming resources, a challenge that traditional detection methods struggle to counter. This study presents a novel convolutional neural network (CNN)-based approach, integrated with a block flow rule mechanism, to detect and mitigate DDoS attacks in SDN. Our model effectively extracts distinct traffic features, leveraging principal component analysis (PCA) to enhance computational efficiency by reducing data dimensionality. Unlike prior work that often relies on non-SDN-specific datasets, we validate our approach on the InSDN dataset, which better represents real-world SDN environments, and additionally test its applicability using the CICIDS2018 dataset. Experimental results demonstrate the proposed method's superior detection accuracy and mitigation performance over conventional techniques, achieving a detection accuracy of 99.99% and an error rate of only 0.0049%, underscoring its potential for robust DDoS defense in SDN.