Abstract

Next-generation networks can benefit from a more dynamic and successfully\ncontrolled network design because of a new network paradigm termed the Software-Defined\nNetwork (SDN). Network administrators may simply monitor and manage the entire network\nusing the design of the customizable centralized controller. A number of attack vectors\nsimultaneously target it because of its centralized nature. DDoS attacks are the most efficient\ntype of attack against the SDN. The goal of this work is to classify SDN flow as either normal or\nassault traffic using ML techniques. We manage a public \"DDoS attack SDN Dataset\" with 23\ncharacteristics in total. The dataset comprises both legitimate and malicious traffic for the TCP,\nUDP, and ICMP (TCP). The dataset, which includes over 100,000 recordings, offers statistical\nstatistics such byte count, time sec, packet rate, and packet per flow, with the exclusion of\ncharacteristics that define source and target devices. In this paper DDoS attack was detected\nusing Various ML Algorithms such as K-Nearest Neighbor (KNN), Decision Tree (DT), Support\nVector Machine (SVM) and Random Forest (RF) algorithms The experimental results\ndemonstrate that an Ensemble Random Forest algorithm was given 99.99% classification\naccuracy than the other methods.