A novel dynamic framework to detect DDoS in SDN using metaheuristic clustering

• Published in: Transactions on emerging telecommunications technologies Vol. 33; no. 3
• Main Authors: Shakil, Muhammad, Fuad Yousif Mohammed, Alaelddin, Arul, Rajakumar, Bashir, Ali Kashif, Choi, Jun Kyun
• Format: Journal Article
• Language: English
• Published: 01.03.2022
• ISSN: 2161-3915; 2161-3915
• DOI: 10.1002/ett.3622

Security is a crucial factor in the continuously evolving programmable networks. With the emergence of programmable networking terminals, the need to protect the networks has become mandatory. Software‐defined networks (SDNs) provide programmable switches, thereby isolating the data plane from the control plane. Many security algorithms have been proposed to protect the network; however, they have failed to protect SDNs from attacks such as distributed denial of service (DDoS), jamming, and man‐in‐the‐middle attacks. In this article, we only address the DDoS attack that prevails in SDNs. Isolation of the control plane from the data plane increases the probability of an attack on the data plane. Therefore, a framework that can handle the dynamic traffic and can protect the network from DDoS attacks is required. Our proposed whale optimization algorithm–based clustering for DDoS detection (WOA‐DD) avoids the DDoS attacks using a metaheuristic approach by clustering the attack requests. We evaluated this algorithm for robustness in comparison with several existing solutions and found it to be safe under several conditions. The proposed attack request clustering is explored to check its feasibility with various machine learning approaches and found to be stable with the prevailing mechanisms. Analysis of the algorithm under varied conditions reveals that WOA‐DD is robust, stable, and efficient against DDoS attacks. Software Defined Networks (SDN) are deployed in places where there is a need to separate the Control plane from the user plane. One of the predominant issues that prevail in the SDN is the lack of a DoS prevention algorithm. In this article, a Novel DDoS attack detection algorithm for the SDN environment based on the metaheuristic optimization algorithm is proposed, and it forms clusters which in turns not only detect the DDoS attack requests, it also avoids future attacks.