HSF: A Hybrid SVM-RF Machine Learning Framework for Dual-Plane DDoS Detection and Mitigation in Software-Defined Networks

HSF: A Hybrid SVM-RF Machine Learning Framework for Dual-Plane DDoS Detection and Mitigation in Software-Defined Networks

Software-defined networking (SDN) has revolutionized network management by centralizing control through software, thereby enabling dynamic traffic adjustments that are independent of the data plane. However, this innovation introduces significant security vulnerabilities because the existing solutio...

Full description

Saved in:
Bibliographic Details
Main Authors: Abdinasir Hirsi, Lukman Audah, Mohammed A. Alhartomi, Adeb Salh, Godwin Okon Ansa, Mustafa Maad Hamdi, Diani Galih Saputri, Salman Ahmed, Abdullahi Farah
Format: Article
Language:English
Published: IEEE 2025-01-01
Series:IEEE Access
Subjects:
DDoS attack
machine learning
network security
random forest
SDN security
support vector machine
Online Access:https://ieeexplore.ieee.org/document/11053758/
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Software-defined networking (SDN) has revolutionized network management by centralizing control through software, thereby enabling dynamic traffic adjustments that are independent of the data plane. However, this innovation introduces significant security vulnerabilities because the existing solutions are largely adaptations of traditional methods and fail to address the unique challenges of SDN environments. To address this issue, this study proposes a machine-learning (ML)-based intrusion detection framework tailored specifically for SDN. In particular, the framework utilizes a hybrid model that combines a Support Vector Machine (SVM) and Random Forest (RF) classifiers (HSF), which significantly improves intrusion detection accuracy. Specifically, the proposed solution is structured as a three-layer protection mechanism. First, the Data Plane Monitoring layer examines features, such as packet count and byte count, to detect anomalies. Second, the Control Plane Monitoring layer evaluates attributes such as the source IP, destination IP, and protocols to identify suspicious activity. Finally, the Detection Layer leverages the hybrid ML approach to further strengthen detection capabilities and ensure timely responses. Importantly, the experimental results reveal that the HSF technique achieves an anomaly detection rate exceeding 99% across both data and control planes. This highlights its efficacy in securing the next-generation SDN networks.
ISSN:2169-3536

Similar Items