Detection of Distributed Denial of Service Attacks using Machine Learning Algorithms in Software Defined Networks

Software Defined Networking (SDN) is a new promising networking concept which has a centralized control over the network and separates the data and control planes. This new approach provides abstraction of lower-level functionality and allows the network administrators to initialize, control, change, and manage network behavior programmatically. The centralized control, being the major advantage of SDN can sometimes also be a major security threat. If the intruder succeeds in attacking the central controller, he would get access to the entire system. The controller is highly vulnerable to Distributed Denial of Service (DDoS) attacks which lead to exhaustion of the system resources which causes non-availability of the services given by the controller. It is critical to detect the attacks in the controller at earlier stage. Many algorithms and techniques have been discovered for this purpose. But less work has been done in the field of SDN networks. Using machine learning algorithms for classifying the connections into legitimate and illegitimate is one such solution. We use two machine learning algorithms namely, the Support Vector Machine (SVM) classifier and the Neural Network (NN) classifier to detect the suspicious and harmful connections.