Nader Karmous¹, Wadii Jlassi¹, Mohamed Ould-Elhassen Aoueileyine¹, Imen Filali^2,*, Ridha Bouallegue¹

CMES-Computer Modeling in Engineering & Sciences, Vol.145, No.3, pp. 4363-4393, 2025, DOI:10.32604/cmes.2025.074178 - 23 December 2025

Abstract This paper introduces a robust Distributed Denial-of-Service attack detection framework tailored for Software-Defined Networking based Internet of Things environments, built upon a novel, synthetic multi-vector dataset generated in a Mininet-Ryu testbed using real-time flow-based labeling. The proposed model is based on the XGBoost algorithm, optimized with Principal Component Analysis for dimensionality reduction, utilizing lightweight flow-level features extracted from OpenFlow statistics to classify attacks across critical IoT protocols including TCP, UDP, HTTP, MQTT, and CoAP. The model employs lightweight flow-level features extracted from OpenFlow statistics to ensure low computational overhead and fast processing. Performance was rigorously… More >

Zesheng Xi^1,2,#, Chuan He^1,3,#, Yunfan Wang^1,3,#, Bo Zhang^1,*

CMES-Computer Modeling in Engineering & Sciences, Vol.144, No.2, pp. 2545-2565, 2025, DOI:10.32604/cmes.2025.066822 - 31 August 2025

Abstract The increasing reliance on interconnected Internet of Things (IoT) devices has amplified the demand for robust anonymization strategies to protect device identities and ensure secure communication. However, traditional anonymization methods for IoT networks often rely on static identity models, making them vulnerable to inference attacks through long-term observation. Moreover, these methods tend to sacrifice data availability to protect privacy, limiting their practicality in real-world applications. To overcome these limitations, we propose a dynamic device identity anonymization framework using Moving Target Defense (MTD) principles implemented via Software-Defined Networking (SDN). In our model, the SDN controller periodically… More >

Jawad Ahmad Ansari¹, Mohamad Khairi Ishak^2,*, Khalid Ammar²

CMC-Computers, Materials & Continua, Vol.82, No.2, pp. 2311-2330, 2025, DOI:10.32604/cmc.2025.057848 - 17 February 2025

Abstract Cyber-Physical System (CPS) devices are increasing exponentially. Lacking confidentiality creates a vulnerable network. Thus, demanding the overall system with the latest and robust solutions for the defence mechanisms with low computation cost, increased integrity, and surveillance. The proposal of a mechanism that utilizes the features of authenticity measures using the Destination Sequence Distance Vector (DSDV) routing protocol which applies to the multi-WSN (Wireless Sensor Network) of IoT devices in CPS which is developed for the Device-to-Device (D2D) authentication developed from the local-chain and public chain respectively combined with the Software Defined Networking (SDN) control and… More >

Suheib Alhiyari, Siti Hafizah AB Hamid^*, Nur Nasuha Daud

CMC-Computers, Materials & Continua, Vol.82, No.1, pp. 103-137, 2025, DOI:10.32604/cmc.2024.059050 - 03 January 2025

Abstract Software-defined networking (SDN) is an innovative paradigm that separates the control and data planes, introducing centralized network control. SDN is increasingly being adopted by Carrier Grade networks, offering enhanced network management capabilities than those of traditional networks. However, because SDN is designed to ensure high-level service availability, it faces additional challenges. One of the most critical challenges is ensuring efficient detection and recovery from link failures in the data plane. Such failures can significantly impact network performance and lead to service outages, making resiliency a key concern for the effective adoption of SDN. Since the More >

Suheib Alhiyari, Siti Hafizah AB Hamid^*, Nur Nasuha Daud

CMC-Computers, Materials & Continua, Vol.82, No.1, pp. 1087-1107, 2025, DOI:10.32604/cmc.2024.058953 - 03 January 2025

Abstract Link failure is a critical issue in large networks and must be effectively addressed. In software-defined networks (SDN), link failure recovery schemes can be categorized into proactive and reactive approaches. Reactive schemes have longer recovery times while proactive schemes provide faster recovery but overwhelm the memory of switches by flow entries. As SDN adoption grows, ensuring efficient recovery from link failures in the data plane becomes crucial. In particular, data center networks (DCNs) demand rapid recovery times and efficient resource utilization to meet carrier-grade requirements. This paper proposes an efficient Decentralized Failure Recovery (DFR) model… More >

Hira Akhtar Butt¹, Khoula Said Al Harthy², Mumtaz Ali Shah³, Mudassar Hussain^2,*, Rashid Amin^4,*, Mujeeb Ur Rehman¹

CMC-Computers, Materials & Continua, Vol.81, No.2, pp. 3003-3031, 2024, DOI:10.32604/cmc.2024.057185 - 18 November 2024

Abstract Detecting sophisticated cyberattacks, mainly Distributed Denial of Service (DDoS) attacks, with unexpected patterns remains challenging in modern networks. Traditional detection systems often struggle to mitigate such attacks in conventional and software-defined networking (SDN) environments. While Machine Learning (ML) models can distinguish between benign and malicious traffic, their limited feature scope hinders the detection of new zero-day or low-rate DDoS attacks requiring frequent retraining. In this paper, we propose a novel DDoS detection framework that combines Machine Learning (ML) and Ensemble Learning (EL) techniques to improve DDoS attack detection and mitigation in SDN environments. Our model… More >

Khawaja Tahir Mehmood^1,2,*, Shahid Atiq¹, Intisar Ali Sajjad³, Muhammad Majid Hussain⁴, Malik M. Abdul Basit²

CMES-Computer Modeling in Engineering & Sciences, Vol.141, No.2, pp. 1673-1708, 2024, DOI:10.32604/cmes.2024.053903 - 27 September 2024

Abstract Software-Defined Networking (SDN), with segregated data and control planes, provides faster data routing, stability, and enhanced quality metrics, such as throughput (T_h), maximum available bandwidth (B_d(max)), data transfer (D_Transfer), and reduction in end-to-end delay (D_(E-E)). This paper explores the critical work of deploying SDN in large­scale Data Center Networks (DCNs) to enhance its Quality of Service (QoS) parameters, using logically distributed control configurations. There is a noticeable increase in Delay_(E-E) when adopting SDN with a unified (single) control structure in big DCNs to handle Hypertext Transfer Protocol (HTTP) requests causing a reduction in network quality parameters (B_d(max), T_h, D_Transfer, D_(E-E),… More > Graphic Abstract

Johari Abdul Rahim¹, Rosdiadee Nordin^2,*, Oluwatosin Ahmed Amodu^3,4

CMC-Computers, Materials & Continua, Vol.80, No.1, pp. 747-800, 2024, DOI:10.32604/cmc.2024.047009 - 18 July 2024

Abstract Software Defined Networking (SDN) is programmable by separation of forwarding control through the centralization of the controller. The controller plays the role of the ‘brain’ that dictates the intelligent part of SDN technology. Various versions of SDN controllers exist as a response to the diverse demands and functions expected of them. There are several SDN controllers available in the open market besides a large number of commercial controllers; some are developed to meet carrier-grade service levels and one of the recent trends in open-source SDN controllers is the Open Network Operating System (ONOS). This paper… More >

Laila M. Halman, Mohammed J. F. Alenazi^*

CMES-Computer Modeling in Engineering & Sciences, Vol.138, No.2, pp. 1469-1483, 2024, DOI:10.32604/cmes.2023.028077 - 17 November 2023

Abstract The healthcare sector holds valuable and sensitive data. The amount of this data and the need to handle, exchange, and protect it, has been increasing at a fast pace. Due to their nature, software-defined networks (SDNs) are widely used in healthcare systems, as they ensure effective resource utilization, safety, great network management, and monitoring. In this sector, due to the value of the data, SDNs face a major challenge posed by a wide range of attacks, such as distributed denial of service (DDoS) and probe attacks. These attacks reduce network performance, causing the degradation of… More > Graphic Abstract

Rizwan Iqbal^1,*, Rashid Hussain², Sheeraz Arif³, Nadia Mustaqim Ansari⁴, Tayyab Ahmed Shaikh²

CMC-Computers, Materials & Continua, Vol.77, No.2, pp. 1575-1598, 2023, DOI:10.32604/cmc.2023.042432 - 29 November 2023

Abstract Software-Defined Networking (SDN) is a new network technology that uses programming to complement the data plane with a control plane. To enable safe connection, however, numerous security challenges must be addressed. Flooding attacks have been one of the most prominent risks on the internet for decades, and they are now becoming challenging difficulties in SDN networks. To solve these challenges, we proposed a unique firewall application built on multiple levels of packet filtering to provide a flooding attack prevention system and a layer-based packet detection system. This study offers a systematic strategy for wrapping up… More >