Optimizing DDoS attack detection in SDN using machine learning

---

Résumé

Distributed Denial of Service attacks are a major threat to network security, particularly for Software-Defined Networks. Despite their centralized and flexible management, they are particularly vulnerable to Distributed Denial of Service attacks. In this paper, an effective approach to identifying Distributed Denial of Service attacks based on Machine Learning models embedded in the Ryu controller is proposed. A wrapper-based feature selection method, backward elimination, is applied to optimize classification performance while reducing computational complexity. A custom network topology was designed to reflect a realistic scenario, and tools such as Hping3 and iPerf were used to generate malicious and legitimate traffic respectively. Classification models used included Logistic Regression, Decision Trees, K-Nearest Neighbors and eXtreme Gradient Boosting. Performance was evaluated using standard measures such as accuracy, precision, recall and F1 score. The experimental results show that the eXtreme Gradient Boosting model outperforms the others in terms of overall performance, providing a robust and effective solution for detecting Distributed Denial of Service attacks in SDN environments.

Mots-clés

Distributed Denial of Service , Software-Defined Network , model , Machine Learning , dataset , performance