A Hybrid Approach for Detection of DDoS Attacks using Entropy and Machine Learning in Software Defined Networks

Software-defined networking is one of the fast-growing and emerging technology which separates the control plane from the data plane. The control plane enables global network management, preventing the need for individual controllers in each networking system. Though SDN has many advantages, it has a serious threat from DDoS attack due to the centralized nature of the controller. DDoS are widely used cyberattack in SDN environment where in controller may be slowed down or shutdown. Detection of DDoS attack is addressed in the literature using machine learning and deep learning. However, most of the authors have addressed the detection of DDoS attack either in control plane or data plane. In this paper, we propose a hybrid approach to detection of the attack in control and data plane using the combination of entropy and machine learning approaches. We use Mininet emulator with POX controller to create a trained and test model. The results reveal that the combined approach achieves better accuracy with less overhead.