HSF: A Hybrid SVM-RF Machine Learning Framework for Dual-Plane DDoS Detection and Mitigation in Software-Defined Networks

被引：0

作者：

Hirsi, Abdinasir ^{[1
,2
]}

Audah, Lukman ^{[1
,3
]}

Alhartomi, Mohammed A. ^{[4
]}

Salh, Adeb ^{[5
]}

Ansa, Godwin Okon ^{[6
]}

Hamdi, Mustafa Maad ^{[7
]}

Saputri, Diani Galih ^{[8
]}

Ahmed, Salman ^{[9
]}

Farah, Abdullahi ^{[10
]}

机构：

[1] Universiti Tun Hussein Onn Malaysia (UTHM), Advanced Telecommunication Research Center, Faculty of Electrical and Electronic Engineering, Parit Raja

[2] Jamhuriya University of Science and Technology, Faculty of Engineering, Mogadishu

[3] UTHM, Faculty of Electronic and Electrical Engineering, Parit Raja

[4] University of Tabuk, Department of Electrical Engineering, Tabuk

[5] Universiti Tunku Abdul Rahman (UTAR), Faculty of Information and Communication Technology, Kampar

[6] Akwa Ibom State University, Mkpat Enin, Faculty of Physical Sciences, Department of Computer Science, Akwa Ibom

[7] University of Anbar, College of Computer Science and IT, Department of Computer Science, Ramadi

[8] UTHM, Microelectronics and Nanotechnology Shamsuddin Research Centre (MiNT-SRC), Johor, Parit Raja

[9] UTHM, Faculty of Electrical and Electronic Engineering, VLSI and Embedded Technology (VEST) Focus Group, Parit Raja

[10] Somtel Telecommunication Company, Engineering Department, Bosaso

来源：

IEEE Access | 2025年 / 13卷

关键词：

DDoS attack; machine learning; network security; random forest; SDN security; support vector machine;

D O I：

10.1109/ACCESS.2025.3583712

中图分类号：

学科分类号：

摘要：

Software-defined networking (SDN) has revolutionized network management by centralizing control through software, thereby enabling dynamic traffic adjustments that are independent of the data plane. However, this innovation introduces significant security vulnerabilities because the existing solutions are largely adaptations of traditional methods and fail to address the unique challenges of SDN environments. To address this issue, this study proposes a machine-learning (ML)-based intrusion detection framework tailored specifically for SDN. In particular, the framework utilizes a hybrid model that combines a Support Vector Machine (SVM) and Random Forest (RF) classifiers (HSF), which significantly improves intrusion detection accuracy. Specifically, the proposed solution is structured as a three-layer protection mechanism. First, the Data Plane Monitoring layer examines features, such as packet count and byte count, to detect anomalies. Second, the Control Plane Monitoring layer evaluates attributes such as the source IP, destination IP, and protocols to identify suspicious activity. Finally, the Detection Layer leverages the hybrid ML approach to further strengthen detection capabilities and ensure timely responses. Importantly, the experimental results reveal that the HSF technique achieves an anomaly detection rate exceeding 99% across both data and control planes. This highlights its efficacy in securing the next-generation SDN networks. © 2013 IEEE.

引用

页码：112303 / 112323

页数：20

共 60 条

[21]

Almadhor A., Altalbe A., Bouazzi I., Hejaili A.A., Kryvinska N., Strengthening network DDOS attack detection in heterogeneous IoT environment with federated XAI learning approach, Sci. Rep., 14, 1, (2024)

[22]

Abdi A.H., Audah L., Salh A., Alhartomi M.A., Rasheed H., Ahmed S., Tahir A., Security control and data planes of SDN: A comprehensive review of traditional, AI and MTD approaches to security solutions, IEEE Access, 12, pp. 69941-69980, (2024)

[23]

Wang K., Fu Y., Duan X., Liu T., Detection and mitigation of DDoS attacks based on multi-dimensional characteristics in SDN, Sci. Rep., 14, 1, (2024)

[24]

Alashhab A.A., Zahid M.S., Isyaku B., Elnour A.A., Nagmeldin W., Abdelmaboud A., Abdullah T.A.A., Maiwada U.D., Enhancing DDoS attack detection and mitigation in SDN using an ensemble online machine learning model, IEEE Access, 12, pp. 51630-51649, (2024)

[25]

Eldhai A.M., Hamdan M., Abdelaziz A., Hashem I.A.T., Babiker S.F., Marsono M.N., Hamzah M., Jhanjhi N.Z., Improved feature selection and stream traffic classification based on machine learning in software-defined networks, IEEE Access, 12, pp. 34141-34159, (2024)

[26]

Alzahrani A.O., Alenazi M.J.F., Designing a network intrusion detection system based on machine learning for software defined networks, Future Internet, 13, 5, (2021)

[27]

Almasri T., Snober M.A., Al-Haija Q.A., IDPS-SDN-ML: An intrusion detection and prevention system using software-defined networks and machine learning, Proc. 1st Int. Conf. Smart Technol., Appl. Informat., Eng. (APICS), pp. 133-137, (2022)

[28]

Alqahtani A.H., Clark J.A., Enhanced scanning in SDN networks and its detection using machine learning, Proc. IEEE 4th Int. Conf. Trust, pp. 188-197, (2022)

[29]

Pakala D., Priya L., Vantsala M.K., Konduru H.R., Rajagopalan N., Enhancing software-defined networks (SDN) environment to detect DDoS attack using KNN classifier algorithm, Proc. Int. Conf. Signal Process., Comput., Electron., Power Telecommun. (IConSCEPT), pp. 1-6, (2024)

[30]

Safavat S., Rawat D.B., OptiML: An enhanced ML approach towards design of SDN based UAV networks, Proc. IEEE Int. Conf. Commun., pp. 1-6, (2022)

← 1 2 3 4 5 6 →