Optimized Artificial Intelligence Model for DDoS Detection in SDN Environment

Distributed denial of service (DDoS) attacks continue to be a major security concern, threatening the availability and reliability of network services. Software-defined networking (SDN) has emerged as a promising solution to address this issue, enabling centralized network control and management. However, conventional SDN-based DDoS mitigation techniques often struggle to detect and mitigate sophisticated attacks due to their limited ability to analyze complex traffic patterns. This paper proposes an innovative and optimized approach that effectively combines mininet, Ryu controller, and one dimensional-convolutional neural network (1D-CNN) to detect and mitigate DDoS attacks in SDN environments. The proposed approach involves training the 1D-CNN model with labeled network traffic data to effectively identify abnormal patterns associated with DDoS attacks. Furthermore, seven hyperparameters of the trained 1D-CNN model were tuned using non-dominated sorting genetic algorithm II (NSGA-II) to achieve the best accuracy with minimum training time. Once the optimized 1D-CNN model detects an attack, the Ryu controller dynamically adapts the network policies and employs appropriate mitigation techniques to protect the network infrastructure. To evaluate the effectiveness of the optimized 1D-CNN model, extensive experiments were conducted using a simulated SDN environment with a realistic DDoS attack dataset. The experimental results demonstrate that the developed approach achieves significantly improved detection accuracy of 99.99% compared to other machine learning (ML) models. The NSGA-II enhances the optimized model accuracy with an improvement rate of 9.5%, 8%, 5.4%, and 2.6% when it is compared to logistic regression (LR), random forest (RF), support vector machine (SVM), and k-nearest neighbor (KNN) optimized models respectively. This research paves the way for future developments in leveraging deep learning (DL) driven techniques and SDN architectures to address evolving cybersecurity challenges.