Open Access
ARTICLE
Enhanced DDoS Detection Using Advanced Machine Learning and Ensemble Techniques in Software Defined Networking
1 Department of Computer Science, University of Management and Technology, Sialkot, 51040, Pakistan
2 Department of Computer Science and Creative Technologies, Global College of Engineering and Technology, Muscat, 2546, Sultanate of Oman
3 Department of Computer Science, University of Wah, Wah Cantt, 47040, Pakistan
4 Department of Computer Science and IT, University of Chakwal, Chakwal, 48800, Pakistan
* Corresponding Authors: Mudassar Hussain; Rashid Amin
Computers, Materials & Continua 2024, 81(2), 3003-3031. https://doi.org/10.32604/cmc.2024.057185
Received 10 August 2024; Accepted 08 October 2024; Issue published 18 November 2024
Abstract
Detecting sophisticated cyberattacks, mainly Distributed Denial of Service (DDoS) attacks, with unexpected patterns remains challenging in modern networks. Traditional detection systems often struggle to mitigate such attacks in conventional and software-defined networking (SDN) environments. While Machine Learning (ML) models can distinguish between benign and malicious traffic, their limited feature scope hinders the detection of new zero-day or low-rate DDoS attacks requiring frequent retraining. In this paper, we propose a novel DDoS detection framework that combines Machine Learning (ML) and Ensemble Learning (EL) techniques to improve DDoS attack detection and mitigation in SDN environments. Our model leverages the “DDoS SDN” dataset for training and evaluation and employs a dynamic feature selection mechanism that enhances detection accuracy by focusing on the most relevant features. This adaptive approach addresses the limitations of conventional ML models and provides more accurate detection of various DDoS attack scenarios. Our proposed ensemble model introduces an additional layer of detection, increasing reliability through the innovative application of ensemble techniques. The proposed solution significantly enhances the model’s ability to identify and respond to dynamic threats in SDNs. It provides a strong foundation for proactive DDoS detection and mitigation, enhancing network defenses against evolving threats. Our comprehensive runtime analysis of Simultaneous Multi-Threading (SMT) on identical configurations shows superior accuracy and efficiency, with significantly reduced computational time, making it ideal for real-time DDoS detection in dynamic, rapidly changing SDNs. Experimental results demonstrate that our model achieves outstanding performance, outperforming traditional algorithms with 99% accuracy using Random Forest (RF) and K-Nearest Neighbors (KNN) and 98% accuracy using XGBoost.
This work is licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.