IDEAS home Printed from https://ideas.repec.org/a/plo/pone00/0312425.html
   My bibliography  Save this article

Distributed Denial of Services (DDoS) attack detection in SDN using Optimizer-equipped CNN-MLP

Author

Listed:
  • Sajid Mehmood
  • Rashid Amin
  • Jamal Mustafa
  • Mudassar Hussain
  • Faisal S Alsubaei
  • Muhammad D Zakaria

Abstract

Software-Defined Networks (SDN) provides more control and network operation over a network infrastructure as an emerging and revolutionary paradigm in networking. Operating the many network applications and preserving the network services and functions, the SDN controller is regarded as the operating system of the SDN-based network architecture. The SDN has several security problems because of its intricate design, even with all its amazing features. Denial-of-service (DoS) attacks continuously impact users and Internet service providers (ISPs). Because of its centralized design, distributed denial of service (DDoS) attacks on SDN are frequent and may have a widespread effect on the network, particularly at the control layer. We propose to implement both MLP (Multilayer Perceptron) and CNN (Convolutional Neural Networks) based on conventional methods to detect the Denial of Services (DDoS) attack. These models have got a complex optimizer installed on them to decrease the false positive or DDoS case detection efficiency. We use the SHAP feature selection technique to improve the detection procedure. By assisting in the identification of which features are most essential to spot the incidents, the approach aids in the process of enhancing precision and flammability. Fine-tuning the hyperparameters with the help of Bayesian optimization to obtain the best model performance is another important thing that we do in our model. Two datasets, InSDN and CICDDoS-2019, are utilized to assess the effectiveness of the proposed method, 99.95% for the true positive (TP) of the CICDDoS-2019 dataset and 99.98% for the InSDN dataset, the results show that the model is highly accurate.

Suggested Citation

  • Sajid Mehmood & Rashid Amin & Jamal Mustafa & Mudassar Hussain & Faisal S Alsubaei & Muhammad D Zakaria, 2025. "Distributed Denial of Services (DDoS) attack detection in SDN using Optimizer-equipped CNN-MLP," PLOS ONE, Public Library of Science, vol. 20(1), pages 1-29, January.
    • Handle: RePEc:plo:pone00:0312425
    DOI: 10.1371/journal.pone.0312425
    as

    Download full text from publisher

    File URL: https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0312425
    Download Restriction: no
    File URL: https://journals.plos.org/plosone/article/file?id=10.1371/journal.pone.0312425&type=printable
    Download Restriction: no
    File URL: https://libkey.io/10.1371/journal.pone.0312425?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    References listed on IDEAS

    as
    1. Anupama Mishra & Neena Gupta & Brij B. Gupta, 2023. "Defensive mechanism against DDoS attack based on feature selection and multi-classifier algorithms," Telecommunication Systems: Modelling, Analysis, Design and Management, Springer, vol. 82(2), pages 229-244, February.
    2. Chin-Shiuh Shieh & Thanh-Tuan Nguyen & Mong-Fong Horng, 2023. "Detection of Unknown DDoS Attack Using Convolutional Neural Networks Featuring Geometrical Metric," Mathematics, MDPI, vol. 11(9), pages 1-24, May.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Tan Li & Che-Heng Fung & Him-Ting Wong & Tak-Lam Chan & Haibo Hu, 2023. "Functional Subspace Variational Autoencoder for Domain-Adaptive Fault Diagnosis," Mathematics, MDPI, vol. 11(13), pages 1-18, June.
    2. Walid I. Khedr & Ameer E. Gouda & Ehab R. Mohamed, 2023. "P4-HLDMC: A Novel Framework for DDoS and ARP Attack Detection and Mitigation in SD-IoT Networks Using Machine Learning, Stateful P4, and Distributed Multi-Controller Architecture," Mathematics, MDPI, vol. 11(16), pages 1-36, August.

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:plo:pone00:0312425. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: plosone (email available below). General contact details of provider: https://journals.plos.org/plosone/ .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.