IDEAS home Printed from https://ideas.repec.org/a/gam/jftint/v17y2025i8p367-d1723479.html
   My bibliography  Save this article

DDoS Defense Strategy Based on Blockchain and Unsupervised Learning Techniques in SDN

Author

Listed:
  • Shengmin Peng

    (School of Intelligent Engineering, Fuzhou Polytechnic, Fuzhou 350108, China)

  • Jialin Tian

    (Computer and Information College, Fujian Agriculture and Forestry University, Fuzhou 350002, China)

  • Xiangyu Zheng

    (Computer and Information College, Fujian Agriculture and Forestry University, Fuzhou 350002, China)

  • Shuwu Chen

    (Computer and Information College, Fujian Agriculture and Forestry University, Fuzhou 350002, China)

  • Zhaogang Shu

    (Computer and Information College, Fujian Agriculture and Forestry University, Fuzhou 350002, China)

Abstract

With the rapid development of technologies such as cloud computing, big data, and the Internet of Things (IoT), Software-Defined Networking (SDN) is emerging as a new network architecture for the modern Internet. SDN separates the control plane from the data plane, allowing a central controller, the SDN controller, to quickly direct the routing devices within the topology to forward data packets, thus providing flexible traffic management for communication between information sources. However, traditional Distributed Denial of Service (DDoS) attacks still significantly impact SDN systems. This paper proposes a novel dual-layer strategy capable of detecting and mitigating DDoS attacks in an SDN network environment. The first layer of the strategy enhances security by using blockchain technology to replace the SDN flow table storage container in the northbound interface of the SDN controller. Smart contracts are then used to process the stored flow table information. We employ the time window algorithm and the token bucket algorithm to construct the first layer strategy to defend against obvious DDoS attacks. To detect and mitigate less obvious DDoS attacks, we design a second-layer strategy that uses a composite data feature correlation coefficient calculation method and the Isolation Forest algorithm from unsupervised learning techniques to perform binary classification, thereby identifying abnormal traffic. We conduct experimental validation using the publicly available DDoS dataset CIC-DDoS2019. The results show that using this strategy in the SDN network reduces the average deviation of round-trip time (RTT) by approximately 38.86% compared with the original SDN network without this strategy. Furthermore, the accuracy of DDoS attack detection reaches 97.66% and an F1 score of 92.2%. Compared with other similar methods, under comparable detection accuracy, the deployment of our strategy in small-scale SDN network topologies provides faster detection speeds for DDoS attacks and exhibits less fluctuation in detection time. This indicates that implementing this strategy can effectively identify DDoS attacks without affecting the stability of data transmission in the SDN network environment.

Suggested Citation

  • Shengmin Peng & Jialin Tian & Xiangyu Zheng & Shuwu Chen & Zhaogang Shu, 2025. "DDoS Defense Strategy Based on Blockchain and Unsupervised Learning Techniques in SDN," Future Internet, MDPI, vol. 17(8), pages 1-29, August.
  • Handle: RePEc:gam:jftint:v:17:y:2025:i:8:p:367-:d:1723479
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/17/8/367/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/1999-5903/17/8/367/
    Download Restriction: no
    ---><---

    More about this item

    Keywords

    ;
    ;
    ;
    ;

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:17:y:2025:i:8:p:367-:d:1723479. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.