Software Defined Networking (SDN) is a modern approach to networking that separates the control plane from the data plane through network abstraction, resulting in a flexible, programmable and dynamic architecture compared to traditional networks. The separation of control and data planes has led to a high degree of network resilience, but has also given rise to new security risks, including distributed denial-of-service (DDoS) attacks, which pose a new challenge in the SDN environment. In this paper, the effectiveness of using machine learning algorithms to detect DDoS attacks in SDN environments is investigated. Four algorithms (Random Forest, Decision Tree, Support Vector Machine, and XGBoost) were tested on the CICDDoS2019 dataset, with the timestamp feature dropped among others. Performance was assessed by accuracy, recall, precision, and F1 score, with the Random Forest algorithm having the highest accuracy, at 68.9%. The results indicate that ML-based detection is a more accurate and effective method for identifying DDoS attacks in SDN, despite the computational requirements of non-parametric algorithms.