SDN Enabled DDoS Attack Detection and Mitigation for 5G Networks

Abstract

This paper proposes a hybrid technique for distributed denial-of-service (DDoS) attack detection that combines statistical analysis and machine learning, with software defined networking (SDN) security. Data sets are analyzed in an iterative approach and compared to a dynamic threshold. Sixteen features are extracted, and machine learning is used to examine correlation measures between the features. A dynamically configured SDN is employed with software defined security (SDS), to provide a robust policy framework to protect the availability and integrity, and to maintain privacy of all the networks with quick response remediation. Machine learning is further employed to increase the precision of detection. This increases the accuracy from 87/88% to 99.86%, with reduced false positive ratio (FPR). The results obtained based on experimental data-sets outperformed existing techniques.