Quantitative Analysis of Security Enhancements in Software-Defined Networks (SDN) Against DDoS Attacks

Authors

  • Prathapagiri Harish Kumar Department of Computer Science and Engineering, Kakatiya Institute of Technology and Science, Koukonda, Telangana, India Author
  • Nikhil Reddy Kotha Student, Department of School of Business, Belhaven University, Jackson, Mississippi, USA Author
  • Bathala Neeraja Lecturer, Department of Electrical and Electronics Engineering, Government Polytechnic, Nalgonda, Telangana, India. Author
  • Thalakola Madhukar Reddy Lecture, Department of Electrical and Electronics Engineering, Government Polytechnic, Nalgonda, Nalgonda, Telangana, India. Author

DOI:

https://doi.org/10.32628/IJSRST25122249

Keywords:

Software-Defined Networking, Distributed Denial of Service, Security Enhancements, Anomaly Detection, Machine Learning, Flow Monitoring, Rate Limiting, Network Performance, Attack Mitigation, Quantitative Analysis, SDN Security, Traffic Analysis, DDoS Detection

Abstract

Software-Defined Networking (SDN) offers a flexible and dynamic network architecture that is increasingly adopted for modern network management. However, the inherent centralization of the control plane makes SDNs vulnerable to Distributed Denial of Service (DDoS) attacks, which can disrupt network performance and availability. This paper presents a quantitative analysis of security enhancements in SDN environments to mitigate DDoS attacks. The research investigates various security mechanisms, including flow monitoring, rate limiting, and machine learning-based anomaly detection, by simulating DDoS attack scenarios in an SDN testbed. Key performance metrics, such as network throughput, latency, packet loss, and attack detection accuracy, are evaluated to assess the effectiveness of each security enhancement. Results indicate that while all security mechanisms improve resilience against DDoS attacks, machine learning-based solutions offer the best trade-off between detection accuracy and minimal performance degradation. The findings provide valuable insights for the development of robust security frameworks in SDN environments, ensuring reliable and efficient operation in the face of malicious traffic. Recommendations for future research include exploring hybrid security mechanisms and scaling solutions for large-scale networks.

Downloads

Download data is not yet available.

References

Yang, L., Li, Y., Wang, Y., & Li, K. (2016). Software-Defined Networking (SDN): A Survey and New Directions. IEEE Access, 4, 6865-6877.

Wang, L., Zhang, W., & Chen, J. (2017). A Survey of DDoS Attack Detection and Mitigation in SDN. IEEE Access, 5, 22145-22161.

Liu, J., Liu, F., & Guo, Y. (2018). DDoS Attack Detection in SDN-Based Networks Using Machine Learning. International Journal of Computer Applications, 179(17), 1-9.

Korkmaz, E., & Gupta, S. (2019). A Survey on DDoS Attack Detection and Mitigation Techniques in Software-Defined Networks. Journal of Network and Computer Applications, 135, 25-47.

Su, X., Guo, F., & Li, L. (2019). SDN-Based DDoS Attack Detection and Mitigation: A Survey. IEEE Access, 7, 126548-126565.

Zhang, Z., & Luo, X. (2019). DDoS Detection and Mitigation for Software-Defined Networking: A Survey. Journal of Computer Science and Technology, 34(3), 615-627.

Al-Shaer, E., & Hamed, H. (2004). Flow-Based Anomaly Detection for DDoS Attack Prevention in IP Networks. IEEE Transactions on Network and Service Management, 1(3), 18-30.

Mirkovic, J., & Reiher, P. (2004). A Taxonomy of DDoS Attack and DDoS Defense Mechanisms. ACM SIGCOMM Computer Communication Review, 34(2), 39-53.

He, Z., & Yang, Y. (2017). DDoS Attack Detection Based on SVM in SDN. Proceedings of the 2017 International Conference on Computer and Communication Systems (ICCCS 2017), 138-142.

Xie, L., & Li, Y. (2020). Deep Learning-Based DDoS Attack Detection in SDNs. Proceedings of the IEEE 4th International Conference on Cloud Computing and Big Data Analysis (ICCCBDA 2020), 208-213.

Bhattacharyya, D., & Bhowmick, S. (2017). DDoS Attack Mitigation in SDN Using Machine Learning: A Review. Journal of King Saud University-Computer and Information Sciences, 33(7), 795-803.

Zhang, L., & Shen, X. (2018). An Overview of Security in Software Defined Networking (SDN). IEEE Access, 6, 6587-6595.

Ma, X., & Zhou, X. (2018). Anomaly Detection in SDN for DDoS Attack Prevention Using Deep Neural Networks. IEEE Transactions on Industrial Informatics, 14(8), 3385-3393.

Liu, W., & Wu, H. (2020). A Survey of DDoS Attack Detection and Mitigation in SDN: Methods and Challenges. IEEE Access, 8, 98215-98235.

Moustafa, H., & Creese, S. (2018). SDN Security: Vulnerabilities, Attacks, and Countermeasures. IEEE Transactions on Network and Service Management, 15(4), 1436-1449.

Xie, L., & Guo, Y. (2019). DDoS Attack Detection and Mitigation in SDNs Using Machine Learning and Traffic Anomaly Detection. Proceedings of the 2019 IEEE International Conference on Communications (ICC 2019), 1-6.

Zhang, Y., & Yang, Z. (2020). Adaptive DDoS Mitigation Strategy for SDN with Hybrid Detection. Computers, 9(4), 91-104.

Liu, J., & Li, W. (2021). Deep Learning Techniques for DDoS Attack Detection in SDN Environments. IEEE Access, 9, 56334-56345.

Downloads

Published

24-03-2025

Issue

Vol. 12 No. 2 (2025): March-April

Section

Research Articles

License

Copyright (c) 2025 International Journal of Scientific Research in Science and Technology

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Prathapagiri Harish Kumar, Nikhil Reddy Kotha, Bathala Neeraja, and Thalakola Madhukar Reddy , Trans., “Quantitative Analysis of Security Enhancements in Software-Defined Networks (SDN) Against DDoS Attacks”, Int J Sci Res Sci & Technol, vol. 12, no. 2, pp. 389–397, Mar. 2025, doi: 10.32628/IJSRST25122249.