A novel dynamic framework to detect DDoS in SDN using metaheuristic clustering

Security is a crucial factor in the continuously evolving programmable networks. With the emergence of programmable networking terminals, the need to protect the networks has become mandatory. Software-defined networks (SDNs) provide programmable switches, thereby isolating the data plane from the control plane. Many security algorithms have been proposed to protect the network; however, they have failed to protect SDNs from attacks such as distributed denial of service (DDoS), jamming, and man-in-the-middle attacks. In this article, we only address the DDoS attack that prevails in SDNs. Isolation of the control plane from the data plane increases the probability of an attack on the data plane. Therefore, a framework that can handle the dynamic traffic and can protect the network from DDoS attacks is required. Our proposed whale optimization algorithm-based clustering for DDoS detection (WOA-DD) avoids the DDoS attacks using a metaheuristic approach by clustering the attack requests. We evaluated this algorithm for robustness in comparison with several existing solutions and found it to be safe under several conditions. The proposed attack request clustering is explored to check its feasibility with various machine learning approaches and found to be stable with the prevailing mechanisms. Analysis of the algorithm under varied conditions reveals that WOA-DD is robust, stable, and efficient against DDoS attacks.